Original article Total Telecom:Read More
News
Experts warn that the hacker group linked to the Chinese state may remain active in US networks
Democratic Senator Maria Cantwell said on Tuesday that both AT&T and Verizon had refused to hand over key security documents related to the Salt Typhoon cyberattack in 2024.
In a letter to Committee Chairman Ted Cruz, Cantwell said the telecoms giants are not being transparent about the security of their networks and called on their CEOs to attend a Committee hearing.
“For months, I have sought specific documentation from AT&T and Verizon that would purportedly corroborate their claims that their networks are now secure from this attack,” wrote Cantwell. “Unfortunately, both AT&T and Verizon have chosen not to cooperate, which raises serious questions about the extent to which Americans who use these networks remain exposed to unacceptable risk.”
The documents in question relate to the highly publicised cybersecurity breach of numerous telecoms companies by China-linked hacking group Salt Typhoon in 2024.
The attack compromised the metadata of calls and text messages from millions of customers, notably including those of politicians such as Donald Trump and JD Vance. It also gave the hackers access to company-run law enforcement wiretapping systems.
By December 2024, AT&T said it had “no activity by nation-state actors in our networks”, while Verizon said it had “contained the activities associated with this particular incident”.
In June 2025, however, Cantwell wrote to AT&T and Verizon to demand answers, saying that experts feared Salt Typhoon was still operating within the companies’ networks.
“Current and former government experts continue to indicate that Salt Typhoon may remain active in U.S. networks,” she wrote in a letter to AT&T CEO John Stankey and Verizon Chairman and CEO Hans Vestberg (replaced by Dan Schulman in October 2025).
This claim was reiterated in her letter to Cruz this week.
“Expert witnesses warned this Committee about the ongoing security risks posed by Salt Typhoon, while reports indicate that Salt Typhoon hackers are likely still inside U.S. telecommunications networks and may have even breached email accounts used by congressional staff,” she wrote.
Reviews of the Salt Typhoon breach for both AT&T and Verizon were carried out by Google-owned cybersecurity business Mandiant. Now, Cantwell says Mandiant is refusing to share their findings, following orders from the mobile operators.
“AT&T and Verizon apparently intervened to block Mandiant from cooperating with my requests,” said Cantwell in her letter.
Verizon, AT&T, nor Mandiant have publicly commented on the allegations.
Cantwell is now urging the Senate Committee to convene a hearing in which the AT&T and Verizon CEOs can testify about the incident publicly.
“The American public deserves transparency and certainty that our nation’s major telecommunications networks are not currently exposed to unacceptable risks,” Cantwell wrote. “This oversight hearing would be an opportunity to provide precisely that.”
Salt Typhoon remains a major threat to Western companies worldwide. Last year, an FBI report said that the hacker group had targeted over 600 organisations in over 80 countries.
Keep up to date with all the latest telecoms news with the Total Telecom newsletter
Also in the news
World Communication Award Winners 2025
Ofcom clears the way for satellite-to-smartphone services
LG Uplus’s AI voice call app glitch leaks user data
The post Verizon and AT&T refuse to release documents on Salt Typhoon attack appeared first on Total Telecom.