https://www.nytimes.com/2025/09/04/world/asia/china-hack-salt-typhoon.html
Security officials and cybersecurity experts are warning that a sophisticated Chinese cyber espionage campaign known as Salt Typhoon represents China’s most ambitious hacking operation to date, potentially compromising data from nearly every American citizen during a yearslong coordinated assault targeting over 80 countries. The sweeping attack infiltrated major telecommunications companies and critical infrastructure, with investigators describing it as “unrestrained” and “indiscriminate” in a joint statement issued by British, American, Canadian, Finnish, German, Italian, Japanese, and Spanish security agencies as part of an unprecedented international name-and-shame effort against the Chinese government.
The Salt Typhoon operation, which has been active since at least 2019 but was only discovered last year, targeted high-profile political figures including President Trump and Vice President JD Vance during their 2024 campaign, along with prominent Democrats and officials from dozens of other nations. The attackers successfully penetrated more than half a dozen U.S. telecommunications companies and exploited vulnerabilities to intercept telephone conversations, read unencrypted text messages, and steal vast amounts of data from telecommunications, internet service providers, government networks, transportation systems, lodging companies, and military infrastructure across the globe.
Former FBI cyber division official Cynthia Kaiser, who oversaw investigations into the hacking, stated that she “can’t imagine any American was spared given the breadth of the campaign,” highlighting the unprecedented scope that distinguishes Salt Typhoon from previous Chinese cyber operations that typically targeted specific individuals working on sensitive government or security issues. Security experts believe the attack was conducted by at least three China-based technology companies working for the country’s military and civilian intelligence agencies, with the goal of providing Chinese officials with the capability to identify and track targets’ communications and movements worldwide. The operation builds upon years of Chinese data collection efforts including previous breaches of Marriott International, health insurers, the U.S. Office of Personnel Management, and Microsoft email systems, representing what Biden administration cybersecurity official Anne Neuberger described as evidence that “China is positioning itself to dominate the digital battle space” through patient, state-backed campaigns characterised by high technical sophistication, patience, and persistence.