A group of hackers linked to the People’s Republic of China may have accessed sensitive wiretap request information in a breach of American telecommunications companies, according to a new report Monday, posing a significant security risk. 

American officials tell The Wall Street Journal and CNN that it is possible the hackers with the group Salt Typhoon were able to access wiretap warrant requests during a months-long infiltration of telecommunications companies that targeted AT&T, Verizon, and Lumen. However, due to the length of the hack, the list of companies targeted could be longer. 

Officials believe the hackers were looking for sensitive information. Although it was unclear what data the hackers might have obtained, officials warned the breach could pose a significant national security risk. 

Telecommunications companies hold vast amounts of data on callers that law enforcement officials can request access to with a warrant. The hackers may have also obtained more generic internet traffic information. An American security official told the Washington Post it would likely take “a little bit more time to figure out” what information was obtained during the breach. 

As law enforcement officials have charged dozens of alleged agents of Communist China in recent years, the warrant request data could be of particular interest to Beijing if it includes information about communications that could be under surveillance by American officials or information on potential targets of investigations.

One former American intelligence official told the Post such data would give away details about “exactly who the U.S. government is interested in” and give Beijing opportunities to “undermine the government’s intelligence collection efforts or to feed the United States disinformation.”

AT&T and Lumen declined to comment, and Verizon did not respond to a request for comment. The Department of Justice also declined to comment. 

As with previous intrusions, Communist China’s foreign ministry denied knowledge of the hack and claimed American officials had “concocted a false narrative.”

“At a time when cybersecurity has become a common challenge for all countries around the world, this erroneous approach will only hinder the efforts of the international community to jointly address the challenge through dialogue and cooperation,” the foreign ministry told Reuters. 

The Salt Typhoon intrusion comes as American officials have been warning about the risks of Communist China’s attempts to breach critical infrastructure. In April, FBI Director Christopher Wray warned that Beijing-linked hackers had access to critical infrastructure and were waiting “for just the right moment to deal a devastating blow.”

In a separate operation known as Volt Typhoon, discovered earlier this year, hackers breached several companies that provide vital services, such as water, energy, and telecommunications.

Mr. Wray warned in a speech at the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats that Communist China has the “ability to physically wreak havoc on our critical infrastructure at a time of its choosing.”