T-Mobile tells us that it has no evidence that it was breached. The company is closely monitoring the industry-wide Salt Typhoon cyberattack and has observed no significant impacts on its systems or data.
T-Mobile is closely monitoring this industry-wide attack. Due to our security controls, network structure and diligent monitoring and response, we have seen no significant impacts to T-Mobile systems or data. We have no evidence of access or exfiltration of any customer or other sensitive information as other companies may have experienced. We will continue to monitor this closely, working with industry peers and the relevant authorities.
T-Mobile spokesperson, November 2024
In October, Chinese hacker group Salt Typhoon breached multiple US companies including AT&T, Verizon, and Lumen Technologies. The Wall Street Journal reports that T-Mobile was also a victim during that Chinese spy campaign.
The Salt Typhoon cyberattack allegedly targeted US wiretap systems that monitor conversations surreptitiously. Apparently, the government-linked Chinese group wanted to access information that telecommunication companies collect for the US government.
It has only now come to light that T-Mobile was also a victim. Hackers backed by a Chinese intelligence agency successfully targeted T-Mobile during a monthslong operation to eavesdrop on the cellphone communications of high-value intelligence targets.
It’s not clear what data was taken in the breach, and it hasn’t been confirmed whether the hackers were able to obtain call and communications records of T-Mobile customers. A T-Mobile spokeswoman said that the attack did not significantly impact the company.
Salt Typhoon reportedly exploited vulnerabilities such as router and switch flaws to penetrate telecom infrastructure and is believed to have utilized artificial intelligence and machine learning to enhance its operations. It was able to maintain its access to parts of the infrastructure for eight months or longer.
As part of the wider campaign, the cybercriminals accessed cellphone lines used by top-ranking government officials and politicians. The access allowed them to view call logs, unencrypted text messages and some audio from victims. This means that the hacker group was able to find out who someone talked to and when, the frequency of contacts, and possibly location data. Apparently, the hackers had the ability to access data on any US citizen, but they probably only went after counterintelligence targets.
The China-led hacking campaign highlights how legally mandated back doors could give cybercriminals access points into critical systems. It also shows that American telecom companies are highly vulnerable to attacks.