Washington — Federal authorities are urgently investigating a cyberattack linked to China-backed hackers that targeted major U.S. telecommunications companies and systems used for key government intelligence-gathering functions, a U.S. official familiar with the matter confirmed to CBS News.

The hacking group known as Salt Typhoon has attacked numerous companies, including Verizon, AT&T and Lumen Technologies. The official, who spoke on condition of anonymity, said the depth and severity of the hack was not yet clear.

According to the official, the Chinese hackers have penetrated systems used by U.S. intelligence agencies for eavesdropping, and both government agencies and the affected private companies are trying to determine what information, if any, the malicious actors were able to collect.

The hack was first reported by the Wall Street Journal. The FBI and other federal agencies, including the Cybersecurity and Infrastructure Security Agency, are currently investigating the cyber breach. The FBI, Justice Department and CISA did not comment.

AT&T and Lumen Technologies declined to comment for this report. Verizon did not immediately respond to CBS News’ request for comment.

What did the hackers have in their sights?

U.S. intelligence officials regularly seek court authorization to use telecommunications systems like those affected by the breach to gather information for law enforcement or national security investigations. The U.S. official told CBS News that the China-backed hackers targeted U.S. surveillance capabilities used for operations such as wiretapping, and investigators are now trying to determine how deeply the Chinese accessed the networks.

One concern is that the cyberattacks may have allowed the hackers to obtain information about ongoing U.S. investigations, including those related to China, by collecting sensitive data and techniques.

What are US lawmakers saying?

In light of the reported hack, Sen. Ron Wyden, a Democrat from Oregon, called on the Justice Department and the Federal Communications Commission to adopt mandatory, uniform security standards for telecommunications companies’ interception systems.

“The recently reported hack of U.S. telecommunications companies’ wiretapping systems should be an important wake-up call for the government,” Wyden said in a letter to FCC Chairwoman Jessica Rosenworcel and Attorney General Merrick Garland. “The DOJ’s outdated regulatory framework and failed approach to combating cyberattacks by protecting negligent companies must be addressed. The security of our nation’s communications infrastructure is paramount, and the government must act now to address these long-standing vulnerabilities.”

Specifically, Wyden called on the FCC to establish “core” cybersecurity standards for telecommunications companies that are enforceable through fines and to require independent, annual, third-party cybersecurity audits, among other things.

He called on the Justice Department to hold “negligent” companies accountable and be transparent with Congress, investigators and the public about data breaches. He said the government should prioritize corporate responsibility for poor cybersecurity over prosecuting foreign hackers because these hackers are rarely successfully brought to justice.

What else has China done?

FBI Director Christopher Wray and other senior U.S. officials have done so been warned for a long time about China’s cyber threats. hacker Supported by the Chinese government Wray had recently targeted U.S. water treatment facilities and power grids and strategically positioned himself within critical infrastructure systems to “wreak havoc and cause real harm to American citizens and communities,” Wray told Congress in January.

Earlier this year, CISA officials issued a public statement alleging that China-backed hackers “attempt to exploit IT networks to launch disruptive or destructive cyberattacks on critical U.S. networks in the event of a major crisis or conflict with the United States.” -positioning infrastructures”. States.”

And in recent years, federal Justice Department officials have warned about China’s efforts to steal sensitive U.S. technology information to improve its own domestic capabilities.

A years-long cyber operation led by a notorious Chinese state actor known as APT 41 has diverted an estimated trillion dollars’ worth of intellectual property from about 30 multinational companies in the pharmaceutical, energy and manufacturing industries. CBS News reported in 2022. This included sensitive data from companies in North America, Europe and Asia.

Olivia Gazis and Nicole Sganga contributed to this report.