Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime

T-Mobile Disputes Claims of Chinese Hack on Customer Data

Largest US Telco Blocks Hackers But Warns Other Networks May Be Compromised
T-Mobile Disputes Claims of Chinese Hack on Customer Data
T-Mobile said it fended off Chinese hackers. (Image: Shutterstock)

T-Mobile is disputing allegations that Chinese state-sponsored hackers breached its security systems and stole sensitive customer data, while warning that some communications networks in the United States could still be compromised.

The telecom giant detailed its findings Wednesday in an ongoing investigation into a cyberespionage campaign targeting major U.S. communications providers. T-Mobile said it blocked hackers by cutting ties with an infiltrated wireline provider's network, as well as by maintaining a layered network design and through robust monitoring and third-party cybersecurity partnerships.

"Many reports claim these bad actors have gained access to some providers’ customer information over an extended period of time - phone calls, text messages, and other sensitive information, particularly from government officials," the blog reads. "This is not the case at T-Mobile."

The company said "other providers may be seeing different outcomes" after the FBI revealed earlier this month that Beijing-backed attackers compromised networks at multiple telecommunications companies as part of a sweeping cyberespionage campaign (see: FBI Updates on Vast Chinese Hack on Telecom Networks). Previous reports link Salt Typhoon to a string of attacks on Verizon, AT&T and Lumen, aiming to exfiltrate data from systems used to manage court-authorized wiretaps of subscriber network traffic.

T-Mobile said its network defenses protected sensitive customer information while preventing a potential disruption of services "and stopped the attack from advancing."

The Cybersecurity and Infrastructure Security Agency and FBI are investigating the campaign, which has yet to be officially attributed by the U.S. government. Salt Typhoon, linked to China’s Ministry of State Security, has a history of targeting U.S. systems for intelligence gathering, particularly in sectors critical to national security.

On Friday, the White House convened a meeting with telecom executives to discuss intelligence on China’s cyberattacks targeting the industry. The White House said National Security Adviser Jake Sullivan and Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger led discussions focused on bolstering national cybersecurity defenses and improving resilience capabilities (see: US National Security Officials Brief Telecom Executives).

T-Mobile said it could not "definitively" identify the attackers but added it does not "see these or other attackers" in its systems.

"Simply put, our defense worked as designed," the company wrote.

Cybersecurity experts have warned threat actors linked to Beijing are intensifying sophisticated espionage campaigns and hacking operations targeting U.S. critical infrastructure and top government officials. Congress is also demanding answers from telecom giants over the hacking campaign and has requested briefings from AT&T, Verizon and Lumen (see: Congress Seeks Urgent Action After Chinese Telecom Hack).


About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.