US intelligence has called the Downing Street hack one of the most successful spy operations in history.
For several years, Chinese hackers had access to the mobile phones of staff at the British Prime Minister's Downing Street residence, gaining access to their personal and work communications. According to an investigation by The Telegraph, the large-scale cyberespionage operation affected senior British government officials and their inner circle, effectively penetrating the very heart of the country's political system.
The attacks lasted from at least 2021 to 2024 and were linked to a Chinese state-run hacking group known as Salt Typhoon . The phones of Boris Johnson's aides, Liz Truss, and Rishi Sunak, were targeted. It is unclear whether the prime ministers' devices were compromised, but sources claim the attackers' access extended to key communications within Downing Street.
US intelligence agencies believe the operation may have continued later, creating the risk of a data leak during Keir Starmer's government. In November, MI5 warned Parliament of the threat of Chinese espionage, and the FBI and other Western intelligence agencies have previously stated that Chinese structures have gained access to telecommunications networks worldwide.
This concerns not only the possibility of eavesdropping on calls and reading messages, but also access to metadata. This includes information about who, how often, and from where officials communicate, as well as geolocation data. Even without direct access to the content of conversations, such information provides intelligence agencies with a powerful tool for analyzing connections, movements, and decision-making.
Operation Salt Typhoon was global in scope. In addition to the UK, the attacks affected the US, Australia, Canada, and New Zealand, all members of the Five Eyes intelligence alliance. The scale of the breaches only became known in 2024, when the US disclosed a hack of telecommunications companies that had exposed the data of millions of users worldwide.
Former US officials claim hackers were able to record phone conversations and track users in near real time. One senior US official called the campaign "one of the most successful spy operations in history."
China traditionally denies the accusations, calling them unsubstantiated and politically motivated. Chinese embassy officials claim Beijing is itself a victim of cyberattacks and advocates for compliance with international cybersecurity standards.
Cybersecurity experts note that China has long shown an interest in gaining political information about British politicians and decision-making processes in London. They say the attacks were targeted and well-planned, with the primary target being the telecommunications infrastructure that carries key government communications.
Amid the investigation, British intelligence agencies acknowledge that the threat posed by state-sponsored cyber operations is becoming increasingly systemic and long-term. A report by the Parliamentary Intelligence and Security Committee previously stated that the UK still lacks a comprehensive strategy for dealing with China, despite growing risks to national security.
The UK government has declined to comment officially on the leaks, but the Downing Street hack is yet another alarming sign of how vulnerable even the most secure centres of power remain in the age of global cyber-espionage operations.
For several years, Chinese hackers had access to the mobile phones of staff at the British Prime Minister's Downing Street residence, gaining access to their personal and work communications. According to an investigation by The Telegraph, the large-scale cyberespionage operation affected senior British government officials and their inner circle, effectively penetrating the very heart of the country's political system.
The attacks lasted from at least 2021 to 2024 and were linked to a Chinese state-run hacking group known as Salt Typhoon . The phones of Boris Johnson's aides, Liz Truss, and Rishi Sunak, were targeted. It is unclear whether the prime ministers' devices were compromised, but sources claim the attackers' access extended to key communications within Downing Street.
US intelligence agencies believe the operation may have continued later, creating the risk of a data leak during Keir Starmer's government. In November, MI5 warned Parliament of the threat of Chinese espionage, and the FBI and other Western intelligence agencies have previously stated that Chinese structures have gained access to telecommunications networks worldwide.
This concerns not only the possibility of eavesdropping on calls and reading messages, but also access to metadata. This includes information about who, how often, and from where officials communicate, as well as geolocation data. Even without direct access to the content of conversations, such information provides intelligence agencies with a powerful tool for analyzing connections, movements, and decision-making.
Operation Salt Typhoon was global in scope. In addition to the UK, the attacks affected the US, Australia, Canada, and New Zealand, all members of the Five Eyes intelligence alliance. The scale of the breaches only became known in 2024, when the US disclosed a hack of telecommunications companies that had exposed the data of millions of users worldwide.
Former US officials claim hackers were able to record phone conversations and track users in near real time. One senior US official called the campaign "one of the most successful spy operations in history."
China traditionally denies the accusations, calling them unsubstantiated and politically motivated. Chinese embassy officials claim Beijing is itself a victim of cyberattacks and advocates for compliance with international cybersecurity standards.
Cybersecurity experts note that China has long shown an interest in gaining political information about British politicians and decision-making processes in London. They say the attacks were targeted and well-planned, with the primary target being the telecommunications infrastructure that carries key government communications.
Amid the investigation, British intelligence agencies acknowledge that the threat posed by state-sponsored cyber operations is becoming increasingly systemic and long-term. A report by the Parliamentary Intelligence and Security Committee previously stated that the UK still lacks a comprehensive strategy for dealing with China, despite growing risks to national security.
The UK government has declined to comment officially on the leaks, but the Downing Street hack is yet another alarming sign of how vulnerable even the most secure centres of power remain in the age of global cyber-espionage operations.
