T-Mobile has been identified as one of several telecom providers targeted in a sweeping cyber-espionage campaign linked to Chinese intelligence operatives.
The operation, which spanned months, compromised multiple U.S. and international telecommunications networks, according to insiders familiar with the matter.
The hackers, associated with a group known as Salt Typhoon, infiltrated T-Mobile’s systems as part of a larger effort to monitor the communications of high-value intelligence targets. While it remains unclear what data was accessed, there’s no current evidence that T-Mobile customers’ call logs or communications were significantly affected.
T-Mobile’s Response
In a statement addressing the breach, a T-Mobile spokesperson assured users:
“T-Mobile is closely monitoring this industry-wide attack. At this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts to customer information. We will continue to monitor this closely, working with industry peers and the relevant authorities.”
This development places T-Mobile alongside other telecom companies like AT&T, Verizon, and Lumen Technologies, which were previously reported as victims of the same campaign. U.S. officials have described the Salt Typhoon attack as one of the most significant and catastrophic cyber-espionage incidents in recent history.
The Salt Typhoon hackers reportedly leveraged vulnerabilities in networking hardware, including Cisco Systems routers, to gain access. Investigators suspect the group employed artificial intelligence and machine learning to enhance their capabilities, enabling sustained access to telecom infrastructure for more than eight months.
Their sophisticated methods allowed access to sensitive communications data, including call logs, unencrypted text messages, and audio recordings of senior U.S. national security and government officials. This unprecedented access raises major national-security concerns.
Additionally, the attackers reportedly breached systems used by telecom companies to comply with U.S. surveillance orders, potentially exposing classified or sensitive law enforcement information.
The Biden administration recently addressed the hack in a joint statement from the FBI and Cybersecurity and Infrastructure Security Agency (CISA):
“Chinese government-linked hackers compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications, and the copying of certain information subject to U.S. law enforcement requests pursuant to court orders.”
The agencies added that the investigation is ongoing and warned that additional revelations about the attack are expected.
