Chinese State-Linked Hackers Penetrated Downing Street in Global Telecom Breach

Chinese state-backed hackers penetrated mobile phones at “the heart of Downing Street” as part of a widespread cyber-espionage campaign targeting telecommunication networks across multiple countries, according to intelligence officials and security experts.

U.S. officials alerted allies in 2024 after discovering that Chinese hacking groups had gained access to telecom companies worldwide. The sophisticated operation reportedly impacted all members of the Five Eyes intelligence alliance: the United States, United Kingdom, Australia, Canada and New Zealand.

Security experts warn the breaches potentially exposed phone data of millions of users, allowing the hackers to eavesdrop on calls, read text messages and track users’ locations with precision. According to Anne Neuberger, a former deputy U.S. national security adviser who served between January 2021 and January 2025, the hackers gained sweeping access to telecommunications infrastructure.

“Chinese [hackers] gained access to networks and essentially had broad and full access,” Neuberger told The Telegraph, explaining that this gave them the capability to “geolocate millions of individuals, to record phone calls at will.”

U.S. intelligence agencies believe the intrusions date back to at least 2021, though they were only identified and disclosed by American authorities in 2024. The revelation prompted the FBI and the Cybersecurity and Infrastructure Security Agency to issue urgent guidance to telecommunication companies, urging them to strengthen network security measures.

The situation escalated further in August 2025 when the U.S. National Security Agency (NSA) and allied partners issued a joint cybersecurity advisory warning that Chinese state-sponsored actors were continuing to target critical networks globally.

“The malicious activity outlined in the advisory partially overlaps with cybersecurity industry reporting on Chinese state-sponsored threat actors referred to by names such as Salt Typhoon,” an NSA statement confirmed.

In the United Kingdom, the breach reportedly reached deep into government operations. One source told The Telegraph that the intrusion penetrated “right into the heart of Downing Street,” raising serious concerns about potential compromise of senior government officials’ communications. The publication also reported “many” different hacking attacks targeting phones of Downing Street staff and across wider government departments, particularly during Rishi Sunak’s premiership between 2022 and 2024.

Yuval Wollman, former Israeli intelligence chief and current executive at cybersecurity platform CyberProof, described Salt Typhoon as “one of the most prominent names” in global cyber-espionage.

“While much of the public reporting has focused on U.S. targets, Salt Typhoon’s operations have extended into Europe, the Middle East and Africa, where it has targeted telecoms firms, government entities and technology companies,” Wollman added, highlighting the operation’s global scope.

The Chinese government has consistently denied involvement in such activities. When previously confronted with similar allegations, China’s foreign ministry dismissed the claims as “baseless” and “lacking evidence,” according to media reports.

This breach represents one of the most significant known cyber-espionage campaigns in recent years, potentially granting Chinese intelligence services unprecedented access to sensitive communications of government officials, business leaders, and ordinary citizens across multiple Western democracies.

The incident underscores growing tensions between China and Western nations in the cyber domain, with telecommunications infrastructure increasingly becoming a key battleground for intelligence gathering and potential sabotage operations in the digital age.

As investigations continue, cybersecurity experts warn that the full extent of the breach and its implications for national security across affected countries may not be fully understood for some time. Meanwhile, government agencies are reportedly working to strengthen defensive measures and eliminate remaining vulnerabilities in their telecommunications networks.