'Large number' of Americans' metadata stolen by Chinese hackers, senior official says

By Raphael Satter

WASHINGTON (Reuters) - A large number of Americans' metadata has been stolen in the sweeping cyberespionage campaign carried out by a Chinese hacking group dubbed "Salt Typhoon," a senior U.S. official told journalists on Wednesday.

The official declined to provide specific figures but noted that China's access to America's telecommunications infrastructure was broad and that the hacking was still ongoing.

"We believe a large number of Americans' metadata was taken," she told reporters. Pushed on whether that might include every American cell phone's records, the official said: "We do not believe it's every cell phone in the country, but we believe it's potentially a large number of individuals that the Chinese government was focused on."

Dozens of companies across the world had been hit by the hackers, the official said, including "at least" eight telecommunications and telecom infrastructure firms in the United States.

U.S. officials have previously alleged the hackers targeted Verizon (NYSE:VZ ), AT&T (NYSE:T ) , T-Mobile , Lumen and others and stole telephone audio intercepts along with a large tranche of call record data.

Call record metadata is sometimes described as the who, what, when, and where of phone calls. It doesn’t include the content of a call but can include who a call was placed to, how long it lasted, and where it was made from. Even without the content, call record metadata — especially when captured in bulk — can reveal extraordinarily granular details about a person’s life, work, and intimate relationships.

The official said the White House had made tackling the Salt Typhoon hackers a priority for the federal government and that President Joe Biden had been briefed several times on the intrusions.



The press call occurred as U.S. government agencies were due to hold a separate, classified briefing for all senators on Salt Typhoon's efforts to compromise American telecommunications companies, according to officials and a notice seen by Reuters.

The FBI, Director of National Intelligence Avril Haines, Federal Communications Commission Chair Jessica Rosenworcel, the National Security Council and the Cybersecurity and Infrastructure Security Agency were set to take part in the 3 p.m. ET (2000 GMT) closed-door briefing, the officials said.

Source: Investing.com