US accuses China group of stealing Americans' metadata in hacking campaign

A "large number" of Americans' metadata has been stolen in the cyberespionage campaign carried out by a Chinese hacking group dubbed "Salt Typhoon," a senior US official told journalists.

In a call with reporters on Wednesday, Deputy National Security Adviser Anne Neuberger declined to provide specific numbers but said that China's access to America's telecommunications networks was potentially broad and that there was a risk of "ongoing compromise."

The official said the White House had made tackling the Salt Typhoon hackers a priority for the federal government and that President Joe Biden had been briefed several times on the intrusions.

Pushed on whether that might include every American cell phone's records, the official said: "We do not believe it's every cell phone in the country, but we believe it's potentially a large number of individuals that the Chinese government was focused on."

Dozens of companies across the world had been hit by the hackers, the official said, including "at least" eight telecommunications and telecom infrastructure firms in the United States.

China's response

The Chinese embassy in Washington on Tuesday rejected the accusations that it was responsible for the hack after the US federal authorities issued new guidance.

"The US needs to stop its own cyberattacks against other countries and refrain from using cyber security to smear and slander China," embassy spokesperson Liu Pengyu said.

US officials have previously alleged the hackers targeted Verizon, AT&T, T-Mobile, Lumen and others and stole telephone audio intercepts along with a large tranche of call record data.

Call record metadata is sometimes described as the who, what, when, and where of phone calls. It doesn't include the content of a call but can include who a call was placed to, how long it lasted, and where it was made from.

Even without the content, call record metadata — especially when captured in bulk — can reveal extraordinarily granular details about a person's life, work, and intimate relationships.

The press call occurred as US government agencies were due to hold a separate, classified briefing for all senators on Salt Typhoon's efforts to compromise American telecommunications companies, according to officials and a notice seen by the Reuters news agency.

The FBI, Director of National Intelligence Avril Haines, Federal Communications Commission Chair Jessica Rosenworcel, the National Security Council and the Cybersecurity and Infrastructure Security Agency were set to take part in the 3 pm ET (2000 GMT) closed-door briefing, the officials said.