Report: Congressional Email Accounts Hacked in Suspected China-Linked Cyberattack
A report by the Financial Times revealed that email accounts belonging to several U.S. congressional staff members and members of the House China Committee were compromised, along with accounts linked to other committees, including Foreign Affairs, Intelligence, and Armed Services.
According to the report, the cyberattack was carried out by the hacking group known as “Salt Typhoon,” which is believed to have links to the Chinese government and has been implicated in previous cyber operations targeting U.S. institutions.
The attack is part of a broader wave of coordinated cyber intrusions against U.S. communications networks. The group is reported to have intercepted phone calls, text messages, and even voicemail communications involving multiple U.S. officials, in addition to breaching certain email accounts.
In a separate report, U.S. technology website Mashable explained that “Salt Typhoon” is the code name assigned by Microsoft to the hacking group, which is also known by other aliases such as GhostEmperor, FamousSparrow, and UNC2286. Microsoft uses the term “Typhoon” to designate Chinese-linked cyber groups it considers a threat to U.S. security.
The group was previously linked to a large-scale cyberattack in 2024 that resulted in the breach of eight U.S. telecommunications companies, with the U.S. government at the time accusing Chinese authorities of being behind the operation.
China’s embassy strongly rejected the allegations, with spokesperson Liu Pengyu describing them as “groundless speculation and accusations.” Meanwhile, the FBI, the White House, and officials from the affected congressional committees declined to comment, according to a separate Reuters report.
The attack is believed to be connected to a major cyber breach uncovered in December of last year. Speaking to the Financial Times, Senator Mark Warner, the top Democrat on the Senate Intelligence Committee, warned of the threat posed by the Salt Typhoon group, stating that it can target virtually anyone not using encrypted communication devices.
The Financial Times report is based on statements from sources familiar with the incident and close to the U.S. Senate. However, no official statements have yet been issued by either the U.S. or Chinese governments regarding the attack.
