AT&T and Verizon bounce back from Chinese cyberattacks

AT&T and Verizon have confirmed that their systems have been restored and are now operating securely following recent cyberattacks by state-linked cyber-intrusion groups. In separate statements, both telecom giants stated that they had worked closely with law enforcement agencies to mitigate the damage caused by these espionage-related threats.

According to U.S. government sources, at least nine telecom companies were targeted by Salt Typhoon, a Chinese-backed cyberespionage group. While the full extent of the damage to AT&T and Verizon remains unclear, the attacks appeared to be highly targeted. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) jointly verified the attacks on American telecom infrastructure in October. Verizon was reportedly targeted, with high-profile individuals, including former President Donald Trump and Senator JD Vance, believed to have been potential targets.

Earlier reports indicated that state-sponsored hackers attempted to infiltrate broadband networks to gain covert access to sensitive infrastructure and data. In a follow-up report, The Wall Street Journal revealed that federal authorities had launched investigations into attacks against Verizon, AT&T, and other telecom providers, tracing them back to the Salt Typhoon group. AT&T acknowledged in a statement that the attackers aimed to gather intelligence related to foreign espionage activities.

In response to the escalating cyber threat, the CISA issued new guidelines for mobile communication security, particularly aimed at high-profile government officials and politicians. Verizon also disclosed that a "small number" of prominent figures in government and politics were targeted by the attackers.

Microsoft, which has been collaborating with authorities, confirmed that Salt Typhoon is a Chinese-based threat actor also known by aliases such as GhostEmperor and FamousSparrow. This group has previously targeted various sectors, including healthcare, defense, and NGOs. In 2024, AT&T also faced a major data breach, with over 7 million active accounts and more than 65 million former subscribers’ data leaked on the dark web.