Chinese State-Linked Hackers Allegedly Breached Phones at Heart of UK Government

Chinese state-linked hackers reportedly breached mobile phones “at the heart of Downing Street” as part of a long-running global cyber-espionage campaign targeting telecommunications networks, according to multiple media reports.

U.S. officials first alerted allies in 2024 after discovering that hacking groups connected to China had gained access to telecom companies around the world, according to reporting by The Associated Press. The campaign is believed to have targeted several countries, including the United States and members of the Five Eyes intelligence alliance, Australia, Canada, New Zealand, and the United Kingdom.

The breaches allegedly gave attackers access to the phone data of millions of people, along with the potential ability to eavesdrop on calls, read text messages, and track users’ locations. According to The Telegraph, Chinese hackers were able to record calls “at will” after gaining deep access to telecom networks.

Anne Neuberger, who served as a deputy U.S. national security adviser between 2021 and 2025, reportedly said the attackers “essentially had broad and full access” to affected networks. She warned this level of access would allow them to geolocate millions of individuals and monitor communications at scale.

U.S. intelligence agencies believe the intrusions date back to at least 2021, but they were only identified and publicly disclosed in 2024. Following the discovery, U.S. federal authorities urged telecommunications companies to strengthen their network security. Guidance issued by the FBI and the Cybersecurity and Infrastructure Security Agency was aimed at helping companies remove the hackers and prevent similar breaches in the future.

In August 2025, a joint cybersecurity advisory from the National Security Agency and allied partners warned that Chinese state-sponsored actors were actively targeting telecom networks worldwide. The advisory noted overlap with activity linked to a hacking group commonly referred to as Salt Typhoon.

“The malicious activity outlined in the advisory partially overlaps with cybersecurity industry reporting on Chinese state-sponsored threat actors referred to by names such as Salt Typhoon,” the NSA said at the time.

In the United Kingdom, officials have raised concerns that senior government figures may have been affected. One source told The Telegraph that the breach extended “right into the heart of Downing Street,” with reports suggesting there were multiple attacks on phones belonging to Downing Street staff and across wider government, particularly during Rishi Sunak’s term as prime minister between 2022 and 2024.

Former Israeli intelligence chief Yuval Wollman also described Salt Typhoon as “one of the most prominent names” in global cyber-espionage. He said the group’s operations have extended well beyond the United States, targeting telecom firms, government bodies, and technology companies across Europe, the Middle East, and Africa.

The reports add to growing concerns among Western governments about the vulnerability of critical communications infrastructure and the scale of state-backed cyber-espionage operations targeting democratic nations.

Photo Credit: DepositPhotos.com