Chinese hackers targeted data from phones used by former President Donald Trump and his running mate, Sen. JD Vance of Ohio, as part of what appears to be a wide-ranging intelligence-collection effort, people familiar with the matter said on Friday.
Investigators are working to determine what communications data, if any, was taken or observed by the sophisticated penetration of telecom systems, according to these people, who spoke on the condition of anonymity to describe an active and highly sensitive national security case.
The type of information on phones used by a presidential candidate and his running mate could be a gold mine for an intelligence agency: Who they called and texted, how often they communicated with certain people, and how long they talked to those people could be highly valuable to an adversary like China. That sort of communications data could be even more useful if hackers could observe it in real time.
The Trump campaign team was made aware this week that Trump and Vance were among a number of people inside and outside government whose phone numbers had been targeted through the infiltration of Verizon phone systems, the officials said.
People briefed on the matter said Democrats were among the targets, including staff members of Vice President Kamala Harris’ campaign and prominent figures on Capitol Hill, including Sen. Chuck Schumer of New York, the majority leader.
The targeting of a presidential ticket’s communications underscores the aggressiveness, scope and potential severity of the hacking attack, which Western cybersecurity experts believe was carried out by a group they have called Salt Typhoon. The investigation is continuing, but the FBI and national security officials have signaled that they are deeply concerned about the potential extent of compromised data and the wide range of possible victims.
Without identifying those who were targeted, the FBI and the Cybersecurity and Infrastructure Security Agency issued a joint statement attributing the hacking to “actors affiliated with the People’s Republic of China.”
The agencies said they “are collaborating to aggressively mitigate this threat and are coordinating with our industry partners to strengthen cyberdefenses across the commercial communications sector.” They said they had informed potential victims.
It was unclear whether the hackers could have gained access to text messages, especially those sent through unencrypted channels.
Trump campaign officials were told that the hackers might still be inside Verizon’s systems, but that it was unclear whether they were actively trying to take out data. In hacking investigations, observing hackers’ activities within a compromised system can sometimes provide valuable information to investigators.
Data about the communications of a presidential and vice presidential candidate — even absent the content of the calls and messages — could also help an adversary like China better identify and target people in Trump’s inner circle for influence operations.
The revelation came in the closing stages of a campaign in which Trump’s team has also been targeted by Iranian hackers, who have repeatedly sent his inner circle spearphishing emails that were at least partly successful in gaining access to his campaign’s communications and documents.
Security around Trump has also been tightened as a result of assassination threats from Iran.
A Trump campaign spokesperson did not directly address whether the phones used by Trump and Vance had been targeted. But in a statement, the spokesperson, Steven Cheung, criticized the White House and Harris and sought to blame them for allowing a foreign adversary to target the campaign.
Earlier this year, security officials discovered the presence in American telecommunications systems of a China-affiliated hacking group. But investigators determined only recently that the hackers were targeting specific phone numbers, the officials said.
The infiltration by the hackers extends beyond the 2024 political campaign, with multiple people said to be targeted, people familiar with the investigation said, suggesting it could have far-reaching national security implications.
The investigation into the extent of the hacking and any national security damage is in its early stages. Whether such an attack could monitor or record phone conversations is difficult to know, and whether the hackers could read or intercept texts, for example, would depend in no small part on which messaging apps the targets used and how that data moved over the phone company’s systems.
The Wall Street Journal reported last month that a cyberattack linked to the Chinese government had infiltrated some U.S. broadband providers’ networks and might have been able to get information from systems used by the federal government in FISA court wiretap efforts.
A spokesperson for Verizon, Rich Young, said in a statement that the company was “aware that a highly sophisticated nation-state actor has reportedly targeted several U.S. telecommunications providers to gather intelligence.” He said Verizon is assisting law enforcement agencies in the investigation and working to address any continuing problems.
This article originally appeared in The New York Times.
© 2024 The New York Times Company