AT&T and Verizon Hack: China-Linked Hackers Breach Networks

Telecom Giants Respond to Cyberespionage Claims

AT&T and Verizon, leading U.S. telecommunications companies, have affirmed the security of their networks following reported targeting by the China-affiliated Salt Typhoon cyberespionage group.

AT&T's Statement

According to a statement provided to TechCrunch on Monday, AT&T spokesperson Alexander Byers indicated that the company currently detects no unauthorized activity originating from nation-state actors within its network infrastructure.

Verizon's Response

Verizon spokesperson Richard Young communicated via email to TechCrunch on Sunday that the organization has successfully contained the cyber incident stemming from this specific nation-state threat actor.

Young further stated that no threat actor activity has been observed on their network for a considerable period.

Independent Verification

Verizon confirmed the containment of the incident through an assessment conducted by a highly regarded cybersecurity firm.

However, the name of this third-party organization was not disclosed by Young.

Scope of the Breaches

While the full extent of the Salt Typhoon breaches remains under investigation, AT&T clarified that the attacks focused on a limited number of individuals considered to be of foreign intelligence interest.

The company reported awareness of only a few instances where individual information was potentially compromised.

Targeted Customers

Verizon specified that the hackers concentrated their efforts on a small subset of high-profile customers within the government sector.

Verizon's Actions

Vandana Venkatesh, Verizon’s chief general officer, detailed the immediate steps taken upon discovering the incident.

These included collaboration with federal law enforcement, national security agencies, industry peers, and specialized private cybersecurity firms.

Venkatesh affirmed that Verizon has contained all activities associated with this particular incident after substantial remediation efforts.

First Public Acknowledgment

This represents the first official acknowledgment from both AT&T and Verizon regarding their involvement in the Salt Typhoon campaign.

Initial reports of the hackers compromising networks of major U.S. phone and internet providers surfaced in October, with the aim of gathering intelligence on U.S. citizens.

Wider Targeting

U.S. officials revealed earlier this month that at least eight telecommunications providers had been targeted, including Lumen (formerly CenturyLink) and T-Mobile.

Anne Neuberger, deputy national security adviser for cyber and emerging technology, announced on Friday, as reported by Reuters, the identification of a ninth victim.

Administrator Account Compromise

Neuberger, without naming the newly identified victim, disclosed that one of the nine breached telecom companies involved a compromised administrator account.

This account possessed access to over 100,000 routers.

Updated with post-publish comment from AT&T.