A major Chinese hacking campaign has compromised at least eight U.S. telecommunications companies and impacted dozens of countries, according to White House Deputy National Security Adviser Anne Neuberger on Wednesday.
The cyber espionage operation, dubbed "Salt Typhoon," has been active for up to two years and targeted communications of senior U.S. government officials and prominent political figures. The hackers gained access to private texts and phone conversations, though officials believe no classified communications were breached.
"The Chinese actors remain present in these networks," Neuberger warned, noting that affected companies are working to remove the intruders but have not yet succeeded. This creates ongoing risks until cybersecurity vulnerabilities are fully addressed.
The campaign specifically targeted telecommunications infrastructure, which the White House believes was chosen for both espionage purposes and potential network disruption during times of crisis. Among those targeted were then-presidential candidate Donald Trump and his running mate Senator JD Vance, as well as individuals connected to Vice President Kamala Harris's campaign.
While the hack provided broad access to everyday Americans' communications, officials indicate it focused primarily on a small group of high-ranking targets. The total number of affected countries is estimated to be in the "low couple dozen."
The Chinese embassy in Washington rejected accusations of involvement, calling on the U.S. to "stop its own cyberattacks against other countries and refrain from using cyber security to smear and slander China."
In response, U.S. federal authorities have issued new technical guidance for telecom companies, emphasizing encryption, centralized monitoring, and other security measures to prevent similar intrusions. The White House is also pushing for mandatory minimum cybersecurity standards in the telecommunications sector.
President Biden has been briefed multiple times on the situation, and a unified coordination group meets regularly to address the ongoing threat. The administration continues to assess the full scope of the breach while working with industry leaders to strengthen network defenses.