Verizon Says It Has ‘Contained The Cyber Incident’ Linked To China-Based Salt Typhoon
‘An independent and highly respected cybersecurity firm has confirmed the Verizon containment,’ the telecommunications giant says.
Verizon said Friday that the cyberattack linked to China-based threat group Salt Typhoon has definitively been “contained.”
“An independent and highly respected cybersecurity firm has confirmed the Verizon containment,” the telecommunications giant said in a statement posted online.
[Related: 10 Major Ransomware Attacks And Data Breaches In 2024]
The third-party cybersecurity firm was not identified in the statement. CRN has reached out to Verizon for further comment.
Verizon also disclosed that a “small percentage” of customer call records were compromised in the Salt Typhoon attack, which was first revealed in late September 2024 by a Wall Street Journal report. The attacks are believed to have taken place over the course of at least several months in 2024.
The Verizon statement comes the same day that U.S. national security adviser Jake Sullivan told reporters that the U.S. has “taken steps in response to Salt Typhoon” and sent “clear messages” to the Chinese government over the incidents, according to a Reuters report.
The statement from Verizon confirmed that “a nation-state threat actor accessed several of the nation’s telecommunications networks, including the Verizon network.”
“Verizon has contained the cyber incident brought on by this threat actor,” the company said in the statement.
At least nine U.S. telecommunications providers have been impacted in the attacks by the China-linked espionage group tracked as Salt Typhoon have now been disclosed, according to U.S. officials.
In addition to Verizon, the attacks have also reportedly impacted AT&T, T-Mobile, Charter Communications, Windstream and Consolidated Communications, according to reports.
T-Mobile said previously that sensitive data belonging to customers was not impacted in the campaign.
Media outlets reported in October that the Salt Typhoon attacks had targeted the campaigns of both of the then-candidates for president, Donald Trump and Kamala Harris, as well as then-vice presidential nominee JD Vance.
Some U.S. government officials did see their communications compromised in connection with the attacks, the FBI and the Cybersecurity and Infrastructure Security Agency confirmed in a joint statement in November.
Verizon said in its statement Friday that “a small number of individuals primarily involved in government or political activity were targeted by the threat actor,” which have all been notified.
Verizon said it “took several key actions to protect its customers and its network, including partnering with federal law enforcement and national security agencies, industry partners, and private cybersecurity firms.”
“We have not detected threat actor activity in Verizon’s network for some time and, after considerable work addressing this incident, we can report that Verizon has contained the activities associated with this particular incident,” Vandana Venkatesh, chief legal officer at Verizon, said in a quote included in the statement.
Verizon determined during the investigation “the threat actor also accessed a small percentage of mobile internet access and mobile call records of other Verizon wireless customers.” The telecom firm said it doesn’t believe these customers “were targeted, or that any banking or financial information or Social Security numbers were exposed.”
The Salt Typhoon attacks have been characterized, in comments by Sen. Mark R. Warner to The Washington Post in November, as the most significant hack to date of the U.S. telecommunications industry.