Verizon and AT&T refuse to release documents on Salt Typhoon attack

US Senator Maria Cantwell says AT&T and Verizon are stonewalling Senate investigators over the 2024 Salt Typhoon cyberattack, refusing to hand over security reports she has requested for months. In a letter to Committee Chairman Ted Cruz, she argued the operators are not being transparent about the state of their networks and called for their chief executives to testify in a public hearing.

Salt Typhoon, a China-linked hacking group, breached multiple US telecom networks in 2024, accessing call and text metadata from millions of customers, including high-profile politicians such as Donald Trump and JD Vance, and reaching company-run lawful interception systems. AT&T and Verizon later said they had contained the incident and found no ongoing nation-state activity, but Cantwell cites current and former government experts who believe the group may still be inside US networks and may even have reached congressional staff email accounts. Cybersecurity firm Mandiant, which reviewed the breach for both companies, has also declined to share its findings, reportedly under instructions from the operators. None of the three companies has publicly commented on the allegations. Cantwell says a Senate oversight hearing is needed to clarify the risks to US telecom users.