According to industry insiders, the great majority of persons whose call data were stolen by Chinese hackers have not received notification, and there is no sign that the bulk of those impacted will receive notification anytime soon.
The two telecom firms that the hacking campaign seems to have impacted the most, Verizon, AT&T, and the FBI, have been warning some victims for months that their texts or phone calls were read or listened to. During a media call last week, an FBI official stated that several of those individuals were high-value intelligence targets pertaining to American politics and government. In October, the offices of Senate Majority Leader Chuck Schumer, D-N.Y., and the presidential campaigns of Donald Trump and Kamala Harris told NBC News that they had been notified by the FBI that they were being targeted.
The hackers gained access to more generalized data about phone calls and texts, known as metadata, which is a distinct but nevertheless sensitive sort of information for a much larger number of people, primarily in the Washington, D.C., area. Phone providers keep track of things like which phone numbers made calls, when they made those calls, and maybe the locations of the cell towers to which their phones were linked.
Intelligence services may already have target phone numbers and utilize phone metadata to map out their connections and travels, even if the records do not link phone numbers to customers.
It is a blatant invasion of privacy, according to Alan Butler, president and executive director of the nonprofit Electronic Privacy Information Center.
Butler told NBC News that you should be unhappy because carriers’ poor practices that exposed whether you phoned your church or an oncologist constitute a breach in and of itself, regardless of whether the actual substance of those calls was also revealed.
According to an industry insider knowledgeable on the issue, the hacking campaign gained access to over a million people’s metadata. An FBI official stated last week that the government had no intentions to notify those victims, and two industry sources, one with knowledge of AT&T’s plans and the other with Verizon’s, stated that the companies have not gotten in touch with the majority of them.
An AT&T representative stated in an emailed statement that the firm will continue to fulfill its responsibilities to inform impacted parties. That meant AT&T was only informing a very tiny number of individuals who had been impacted, according to someone familiar with the company’s plans. Verizon had conducted similar outreach to a limited number of customers whose communications were impacted, according to a person familiar with the company’s efforts.
Both businesses refused to elaborate on their strategies for notifying those whose metadata was obtained. The Federal Communications Commission, which regulates the duties of telecom firms to consumers whose data is compromised, chose not to comment.
Known as Salt Typhoon, the cyber campaign is among the biggest intelligence breaches in American history. According to a White House official last week, it has compromised eight domestic telecom and internet service providers and dozens more worldwide, and it is still going on. The United States, Australia, Canada, and New Zealand assert that it is a component of a Chinese intelligence program.
The Chinese Embassy’s Washington spokeswoman has denied any involvement.
Even while some people believe that phone metadata is less sensitive than conversation content, intelligence services can nonetheless benefit greatly from it. Gen. Michael Hayden, the former head of the National Security Agency and the CIA, stated in a 2014 forum, “We kill people based on metadata.”
Call logs, timings, and phone locations for the Washington region would probably be useful to Chinese intelligence, according to Dakota Cary, a China adviser with the cybersecurity firm Sentinel One.
“It would be helpful for intelligence if they pulled the call data for the National Capital Region,” Cary added. It would be beneficial to map the social links among political groups.
For years, Western cybersecurity firms and the United States have accused Chinese cyberspies of routinely stealing the personal data of Americans. China has mostly refuted the charges, frequently citing American surveillance activities.
The senior White House official, who wished to remain anonymous, told a media teleconference last week that while the government does not think all American phone records have been compromised, Chinese intelligence has obtained the metadata of many individuals it would be interested in.
The official stated during the FBI media call that although it had carried out a significant outreach campaign to those whose communications were obtained, it would not extend the same outreach to those whose metadata was stolen alone.
In reality, it would be the providers’ and/or carriers’—whatever word we choose—duty to inform their clients about the stolen data. According to the FBI official, neither CISA nor the FBI would normally be responsible for it. The Cybersecurity and Infrastructure Security Agency is known as CISA.
According to him, the FBI has notified each individual victim or their attorney when we have successfully proven content intercept, whether it be text or voice.
In addition to AT&T and Verizon, other businesses that were the focus of the Salt Typhoon operation have either provided scant information regarding the hackers’ access or stated that they were unable to obtain much. It’s unclear what the hackers hoped to achieve, but Lumen, a modest internet service provider based in Louisiana, was named as a Salt Typhoon victim this year. According to a Lumen representative, the firm had no proof that Chinese hackers were still active in its networks, and no information had been provided by our federal colleagues to support this claim.
The Salt Typhoon campaign targeted Charter Communications, another midsize ISP, according to a person with knowledge of the situation.
Though it claims that the hackers’ access has been turned off and that no customer data was acquired, T-Mobile has been more forthcoming with the public than other corporations about being first compromised by hackers who seemed to be connected to Salt Typhoon.
The company’s chief security officer, Jeff Simon, stated that it seems the hackers attempted to access the system via a different telecom provider.
According to him, we were able to identify such behavior quite rapidly and effectively cut off or halt it by cutting off the connection to the other telecom company.
But Simon reaffirmed that the campaign was still going on.
He claimed that they persisted. After this one round, we assume that this actor will not give up. They will continue to attempt to regain entry, after all.
Note: Every piece of content is rigorously reviewed by our team of experienced writers and editors to ensure its accuracy. Our writers use credible sources and adhere to strict fact-checking protocols to verify all claims and data before publication. If an error is identified, we promptly correct it and strive for transparency in all updates, feel free to reach out to us via email. We appreciate your trust and support!