T-Mobile’s network was one of the systems compromised in a significant Chinese cyber-espionage campaign that targeted several U.S. and international telecommunications companies.
Hackers associated with a Chinese intelligence agency reportedly infiltrated T-Mobile as part of a prolonged effort to monitor cellphone communications of high-value intelligence targets. It is unclear what information, if any, was taken about T-Mobile customers’ calls and communications records.
A T-Mobile spokesperson informed Reuters via email that, “T-Mobile is closely monitoring this industry-wide attack.”
“At this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts to customer information,” the spokesperson added.
The breach of T-Mobile which was first reported by the WSJ, broadens the roster of victims in a cyber-espionage campaign orchestrated by Chinese hackers, known as Salt Typhoon. This campaign, described by some U.S. officials as historically severe and far-reaching, had previously affected major telecom providers including AT&T, Verizon, and Lumen Technologies, as reported in October.
The hackers employed advanced techniques to compromise U.S. telecommunications infrastructure, exploiting vulnerabilities such as those in Cisco Systems routers. Investigators suspect that the group leveraged artificial intelligence or machine learning to enhance their espionage capabilities, according to sources familiar with the investigation. The breaches persisted for at least eight months, during which time the attackers infiltrated significant portions of the infrastructure.
As part of the larger campaign, the attackers accessed cellphone lines used by high-level U.S. national security and policy officials, as well as various politicians. This access allowed them to collect call logs, unencrypted text messages, and some audio, raising concerns over potential national-security implications. Additionally, foreign telecom companies, including those in nations allied with the U.S. for intelligence-sharing, were also affected.
In a joint statement, the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency confirmed that Chinese state-linked hackers had infiltrated networks at multiple telecom companies. The attackers aimed to steal call record data, intercept private communications of individuals involved in political and governmental activities, and duplicate certain data subject to U.S. court-ordered surveillance requests.
“We anticipate that our understanding of these breaches will deepen as the investigation advances,” the statement noted.
The hackers also gained access to information stored in systems used by carriers to comply with U.S. surveillance orders, further amplifying counterintelligence concerns. Investigators continue to examine the full extent of the breach, attributed to the Salt Typhoon group. In the case of Lumen Technologies, which does not provide wireless services, attackers reportedly did not exfiltrate customer data or access its wiretap systems, sources said.
Beijing has previously denied U.S. government and other claims that it employs hackers to compromise foreign computer systems.
Source: https://www.linkedin.com/pulse/t-mobile-hacked-monumental-chinese-breach-us-telecom-ris9e/
