Chinese state-linked hackers are accused of spending years inside the phones of senior Downing Street officials, exposing private communications at the heart of the UK government.
The Telegraph reports that the activity focused on phones used by senior aides around former prime ministers Boris Johnson, Liz Truss, and Rishi Sunak, with the suspected access stretching back to 2021. Intelligence sources described the compromise as extensive, with one saying the activity went “right into the heart of Downing Street,” although it remains unclear whether the prime ministers’ own devices were accessed directly.
Salt Typhoon, the Chinese-linked group previously blamed for telecom intrusions overseas, has been named as a likely culprit in the reported snooping. The espionage outfit is known for breaking into telecoms providers, enabling them to skim metadata and communications without ever needing to install anything on a handset.
Even without full access to message content or live calls, call logs and location data are often enough to build a clear picture of who is talking to whom, how frequently, and from where.
Intelligence officials quoted by The Telegraph said attackers may have been able to read texts or listen in on calls involving senior figures, but added that the metadata alone would have been useful.
The breaches were reportedly discovered only in 2024, after the US disclosed that Chinese-linked hacking groups had gained deep access to telecommunications providers worldwide. US officials have since acknowledged that attackers could, in some cases, record calls “at will,” underlining concerns that state-backed groups had embedded themselves deep inside communications networks.
So far, the UK has stuck to talking about a “cluster of activity” linked to Salt Typhoon, without saying much about what that involved. US officials, by contrast, have been far more direct about who was targeted and when, confirming that senior political figures and multiple telecoms firms were caught up in the operation ahead of the 2024 election.
The Telegraph reports that there were “many” separate attacks on Downing Street staff phones and wider government communications, particularly during Sunak’s time in office. MI5 issued an espionage alert to Parliament last November, warning of Chinese state spying, but neither the scope nor the impact of the suspected telecoms compromise has been detailed publicly.
The allegations surfaced days before current UK Prime Minister Keir Starmer is due to travel to China on the first visit by a British prime minister since 2018, with trade and investment firmly on the agenda. Critics have accused the government of taking too soft a line on Beijing while approving plans for a large Chinese embassy in London near sensitive communications infrastructure.
China’s foreign ministry dismissed the allegations as baseless and accused Western governments of politicizing cybersecurity, echoing Beijing’s response to earlier Salt Typhoon disclosures.
Intelligence sources quoted in the report suggested UK telecoms networks were in better shape than those in the US, pointing to the Telecommunications Security Act passed in 2021. Even so, a senior US official described the global Salt Typhoon operation as “one of the more successful campaigns in the history of espionage,” highlighting how hard such intrusions are to detect once attackers are embedded deep inside network infrastructure.
As with previous Salt Typhoon cases, the hardest part may not be working out what was accessed, but proving the attackers are no longer there. ®