U.S. Accuses Chinese Hackers Of Stealing Surveillance Data From Telecom Companies

The hackers infiltrated the networks of several telecommunications companies, allowing them to gather customer call records and access the private communications of a limited number of individuals primarily involved in government and politics.

Further, the two agencies said the hackers also duplicated certain information requested by U.S. law enforcement under court orders.

While the officials did not disclose the names of the telecommunications companies impacted by the hack, it did indicate that their understanding of these breaches is likely to deepen as the investigation progresses.

The agencies have also encouraged organizations that believe they were affected by the breach to contact their local FBI field office or CISA.

“The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) continue to render technical assistance, rapidly share information to assist other potential victims, and work to strengthen cyber defenses across the commercial communications sector. We encourage any organization that believes it might be a victim to engage its local FBI Field Office or CISA.”

The recent joint statement follows CISA and the FBI’s confirmation in late October of a hack attributed to a Chinese hacking group known as Salt Typhoon (aka Earth Estries, FamousSparrow, Ghost Emperor, and UNC2286) that had breached some major broadband providers in the U.S., including Verizon, AT&T, and Lumen Technologies.

The joint statement also confirms previous media reports that the threat group had accessed U.S. federal government systems involved in court-authorized network wiretapping requests.