A Chinese-backed hacking campaign that previously hacked into nine U.S. telecommunication and internet providers is now confirmed to have hacked at least 200 American companies, according to the FBI’s top cyber chief.
FBI Assistant Director Brett Leatherman told The Washington Post that the hackers, dubbed Salt Typhoon, also broke into companies in 80 countries, revealing for the first time the global scale of the Chinese spying campaign.
Leatherman didn’t name the hacked companies. AT&T, Verizon, and Lumen were previously confirmed as breached, and Charter Communications and Windstream were later named as victims, among others.
The hackers targeted call records among senior American politicians and officials, allowing them to map out who was calling whom, and on whom the U.S. was snooping with legal orders. For a time, the threat was so severe that the FBI urged Americans to switch to encrypted messaging apps to avoid having their calls and messages accessed.
The FBI, along with nearly two dozen international agencies, said in an advisory [PDF] published Wednesday that Salt Typhoon primarily targets company routers and siphons sensitive network traffic, and offered technical guidance on how to identify intrusions.
Leatherman told the Post that the threat from China is “ongoing.”
