Three months later reports have surfaced of a cyberattack dubbed Salt Typhoon that targeted Internet service providers and the U.S. eavesdropping infrastructure, two of the largest telecommunications companies say they have made progress in securing their networks from the threat.
AT&T and Verizon released statements over the weekend about Typhoon Salt for the first time since working with federal law enforcement and other entities. AT&T said in a statement that, based on its investigation, China is targeting “a small number of individuals of foreign intelligence interest” and that the company is working to protect customer data.
Meanwhile, Verizon said it “contains the cyber incident caused by this nation-state threat actor” and has “not detected threat actor activity” on its network for some time. It added that a third security company confirmed the hold-up.
In late September and early October, reports first described the Salty Typhoon attacks, prompting the FBI to warn that some types of messages, such as RCS texting between iOS and Android phones, may be at risk.
Salt Typhoon now appears to be a more targeted attack than previously believed, although hundreds of millions of customers could have put their data and personal information at risk.
“In this incident, a small number of high-profile customers in government and politics were specifically targeted by the threat actor,” Verizon said in its statement. “Those customers have been notified of the activity.”
Both Verizon and AT&T noted that they have worked with government and law enforcement agencies, telecom industry partners and private cybersecurity firms.
“In the relatively few cases in which an individual's information was affected, we met our reporting obligations,” AT&T said.
Over the weekend, the ninth company affected by the hack was said to have been identifiedbut the White House did not release the name of the company.
T-Mobile reiterated on Monday that it was not one of the nine named by the government, and pointed to T-Mobile blog post from late November, which offers details.