Chinese state-affiliated hackers maintained illicit access to mobile devices belonging to personnel within the British Prime Minister’s residence at Downing Street for several years, intercepting both personal and official communications. An investigation by The Telegraph reveals that this expansive cyber-espionage operation compromised high-ranking government officials and their inner circles, effectively penetrating the very heart of the nation’s political apparatus.
These incursions persisted from at least 2021 through 2024 and have been attributed to the Chinese state-sponsored hacking collective known as Salt Typhoon. The targeted devices included those of aides to Boris Johnson, Liz Truss, and Rishi Sunak. While it remains unconfirmed whether the Prime Ministers’ personal devices were directly compromised, sources assert that the attackers’ access extended to pivotal communications within Downing Street.
American intelligence agencies suspect the operation may have endured beyond this timeframe, posing a potential risk of data exfiltration during the tenure of Keir Starmer’s administration. In November, MI5 cautioned Parliament regarding the threat of Chinese espionage, echoing earlier warnings from the FBI and other Western intelligence services that Chinese entities had infiltrated telecommunications networks globally.
The implications extend beyond the mere interception of calls and messages to include the harvesting of metadata. This encompasses information regarding whom officials contact, the frequency and origin of such communications, and geolocation data. Even absent direct access to conversation content, such intelligence provides a potent instrument for analyzing associations, movements, and decision-making processes.
Operation Salt Typhoon was global in scope. Beyond the United Kingdom, the attacks impacted the United States, Australia, Canada, and New Zealand—members of the Five Eyes intelligence alliance. The magnitude of the breaches only came to light in 2024, when the US disclosed the compromise of telecommunications companies, which facilitated access to the data of millions of users worldwide.
Former American officials contend that the hackers possessed the capability to record telephone conversations and track users in near real-time. Indeed, a senior US representative characterized this campaign as “one of the most successful espionage operations in history.”
Predictably, Beijing has repudiated these accusations, dismissing them as unsubstantiated and politically motivated. Representatives from the Chinese embassy maintain that China itself is a victim of cyberattacks and advocates for adherence to international cybersecurity norms.
Cybersecurity experts note that China has long demonstrated a keen interest in acquiring political intelligence regarding British politicians and decision-making processes in London. They describe the attacks as surgical and meticulously orchestrated, with the primary objective being the telecommunications infrastructure through which key government communications traverse.
Against the backdrop of this investigation, British intelligence agencies acknowledge that the threat posed by state-sponsored cyber operations is becoming increasingly systemic and enduring. A report by the Intelligence and Security Committee of Parliament previously highlighted the United Kingdom’s lack of a cohesive strategy regarding China, despite escalating risks to national security.
The UK government has declined to offer official comment on the leaks; nevertheless, the Downing Street breach serves as yet another alarming indication of the vulnerability of even the most fortified centers of power in an era of pervasive global cyber-espionage.