The FBI has identified a person suspected of hacking into the government’s surveillance system in a “major incident” that poses a threat to US national security, according to a senior law enforcement official and a source with knowledge of the matter.
Subscribe to read this story without ads
Get ad-free articles and exclusive content.
The operation compromised sensitive information related to domestic law enforcement, sources said, and the FBI recently notified lawmakers about it.
The revelations highlighted a major failure of US behavior amid repeated hacking operations by China-linked actors in recent years that have broken into key infrastructure and telecommunications firms, former officials said.
The FBI and the Cybersecurity and Infrastructure Security Agency declined to comment.
The FBI’s announcement of a major cyber incident was first reported by Politico.
Under federal data protection laws, a cyber breach is declared a “major incident” only if it involves the compromise of identifiable information that could pose a “demonstrable risk” to national security, foreign relations, the economy, civil liberties or the health of the American public.
The cyber operation appears to be using the same tactics and methods used by China’s hacking effort known as Salt Storm, which targeted major mobile phone providers in an unexpected breach, according to a source with knowledge of the matter.
The Salt Hurricane hackers, discovered in 2024, were able to obtain phone records from millions of Americans and steal FBI wiretap data.
The Salt Typhoon hacking campaign was one of the largest intelligence conflicts in American history. It has breached eight domestic and internet service providers and many others around the world. US officials said in 2024 that the victims included people in the presidential campaigns of both major parties.
Under the 1994 Communications Assistance for Law Enforcement Act (CALEA), US telephone companies are required to maintain systems for monitoring unrecorded communications when required by court order. A salt spray has reached some CALEA facilities in 2024, officials told NBC News.
China has denied responsibility for the Salt Cyclone.
The crackdown showed that Chinese-backed hackers are continuing to target the US despite global attention to Typhoon Salt and the Trump administration’s efforts to ease tensions ahead of President Donald Trump’s planned visit to Beijing next month, a former cybersecurity official said.
A former official said: “Their cheating continues with impunity. “This shows that they do not feel discouraged by the greater exposure of the world. … they are brave.”
Sen. Mark Warner, D-Va., vice chairman of the Senate Intelligence Committee, said the incident shows the persistent threat posed by China and other sophisticated cyber adversaries.
“From the Salt Hurricane to the Stryker to this breach reported to the FBI, the pattern is clear: our adversaries are looking for weaknesses, and they’re finding them,” Warner said in a statement.
He added that significant disruptions to cyber security personnel across the government are putting the country’s digital security at risk.
“What makes this even more worrisome is that, at a time when these threats are on the rise, this administration is phasing out the cyber skills we rely on to protect the country, firing experienced professionals from the FBI and the Cybersecurity and Infrastructure Protection Agency,” he said.
A former cybersecurity official said that US adversaries are well aware that a major reduction in government personnel provides a significant opportunity to monitor computer networks.
“They’ve realized at this point that the federal government is closed. If you’re an adversary thinking about intelligence gathering, this is definitely the time to take advantage,” said the former official.
Cynthia Kaiser, who retired as the FBI’s chief cyber officer in May, told NBC News that while China had been monitoring American communications for several years, the operation was discovered after she left the agency.
“China is always looking for any information that can help them identify and determine their intentions, communication and movements around the world.” And the intelligence community, the FBI and law enforcement will help them achieve these goals,” he said.
#FBI #names #suspected #Chinese #theft #law #enforcement #data #major #cyber #incident