Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Nation-State

T-Mobile Also Targeted in Chinese Telecom Hacking Campaign

T-Mobile has also been targeted by the Chinese group Salt Typhoon in a major espionage campaign targeting US telecom companies. 

T-Mobile hacked

T-Mobile has also been targeted by the Chinese threat group Salt Typhoon in a major cyberespionage campaign targeting several telecommunications companies in the United States.

The Wall Street Journal revealed in September that the China-linked threat actor had hacked into the networks of several major US broadband providers, potentially compromising wiretap systems in search of sensitive information. 

The publication later revealed that the list of victims included companies such as Verizon, AT&T and Lumen Technologies, as well as some service providers outside the US. 

Last week, the cybersecurity agency CISA and the FBI confirmed investigating what they described as a broad and significant Chinese cyberespionage campaign targeting telecom infrastructure.

The agencies said hackers had compromised the networks of multiple telecommunications companies to steal customer call record data. 

In addition, their investigation showed “the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders”.

The Wall Street Journal has continued digging into the story and on Friday reported learning from people familiar with the matter that T-Mobile was also targeted by Salt Typhoon as part of this campaign. 

In response to the WSJ report, T-Mobile said it’s “closely monitoring this industry-wide attack”, but noted that it has seen no significant impact to its systems or data, attributing this to its security controls, network structure, and diligent monitoring and response. 

Advertisement. Scroll to continue reading.

“We have no evidence of access or exfiltration of any customer or other sensitive information as other companies may have experienced,” T-Mobile stated. “We will continue to monitor this closely, working with industry peers and the relevant authorities.”

It’s worth noting that T-Mobile suffered several significant data breaches in recent years, including incidents that impacted tens of millions of customers. 

Bloomberg reported recently that Chinese hackers also breached the systems of Singapore-based telecommunications provider Singtel, likely as part of a test run for attacks targeting US carriers. 

Related: US Gov Agency Urges Employees to Limit Phone Use After China ‘Salt Typhoon’ Hack

Related: China’s Volt Typhoon Rebuilding Botnet

Related: China Making Claims About Encryption Cracking and Intel Backdoors

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

SSH Communications Security has appointed Pauli Haikonen as the company’s Chief Information Security Officer (CISO).

Cloud and container security firm Sysdig has tapped William Welch as CEO on its path to an IPO.

Dave Scher has been promoted to Deputy Chief Information Officer at MITRE.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.