Chinese state-sponsored hackers, known as Salt Typhoon, breached T-Mobile’s systems in an ongoing campaign targeting major U.S. telecom carriers, The Wall Street Journal reported. The hackers previously infiltrated AT&T, Verizon, and other carriers, gaining access to sensitive metadata and unencrypted text messages over months of advanced cyberattacks.
Salt Typhoon reportedly exploited telecom systems used for surveillance, raising concerns about national security. Breached metadata, such as call times and numbers, could enable impersonation and spoofing attacks. Unencrypted texts sent between Android and iPhone devices were particularly vulnerable until Apple’s recent iOS 18 update, which added encryption.
T-Mobile acknowledged the industry-wide attacks but stated no significant impacts or evidence of data exfiltration. Meanwhile, the FBI and Cybersecurity and Infrastructure Security Agency confirmed the attacks and pledged continued collaboration to strengthen defenses.
