FBI Classifies Chinese Hack of Surveillance System as Major Cyber Incident

Severity: High (Score: 74.9)

Sources: Politico, Foxnews, Breitbart

Summary

The FBI has declared a significant cyber incident following a suspected Chinese hack of its surveillance system, which compromised sensitive data. The breach involved unauthorized access to an unclassified system containing law enforcement-sensitive information, including pen register and trap and trace surveillance returns. The attack was detected on February 17, 2026, and the FBI quickly shut it down. However, the hackers employed sophisticated tactics by leveraging infrastructure from a commercial Internet service provider. The incident is believed to pose a major risk to U.S. national security, as the compromised data could reveal ongoing investigations. The FBI has not disclosed specific details about the attackers but indicated that the sophistication of the hack suggests state-sponsored involvement. The breach does not appear to be connected to a recent Iranian-linked incident involving FBI Director Kash Patel's emails. The White House and other agencies are now involved in the investigation. This incident highlights the growing threat from advanced cyber adversaries like China. Key Points: • FBI classified the incident as a 'major cyber incident' under FISMA. • The breach involved sensitive data related to surveillance operations. • Attackers used a commercial ISP's infrastructure to gain access.

Key Entities

• Salt Typhoon (apt_group)
• Data Breach (attack_type)
• FBI (company)
• Federal Bureau Of Investigation (company)
• China (country)
• United States (country)
• Government (industry)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1195 - Supply Chain Compromise (mitre_attack)