Chinese State-Sponsored Hackers Allegedly Compromised Mobile Phones of Senior UK Officials

Allegations of Extensive Cyber Espionage

Reports have emerged detailing an alleged extensive cyber-espionage campaign by Chinese state-sponsored hackers, targeting the mobile phones of senior UK government officials between 2021 and 2024. The compromised individuals reportedly include aides to former prime ministers Boris Johnson and Liz Truss, as well as current Prime Minister Rishi Sunak. While it remains unconfirmed whether the prime ministers' own devices were breached, sources suggest the operation penetrated 'right into the heart of Downing Street'.

The nature of the compromise is believed to have allowed access to private communications, including text messages, phone calls, and metadata such as communication patterns and geolocation data. Some intelligence reports indicate that hackers gained deep access to telecommunications networks, enabling them to record calls 'at will'. This operation is frequently referred to by US intelligence sources as 'Salt Typhoon', and is believed to be ongoing.

UK Government's Response and Attribution

The UK government has formally attributed several cyber incidents to Chinese state-affiliated entities. In March 2024, ministers publicly accused China of cyber campaigns against Members of Parliament and the Electoral Commission. The systems of the Electoral Commission were reportedly compromised between late 2021 and October 2022, with the personal data of millions of voters potentially accessed. The National Cyber Security Centre (NCSC) assessed it as 'highly likely' that a Chinese state-affiliated entity was responsible for the Electoral Commission breach and 'almost certain' that the Advanced Persistent Threat Group 31 (APT31) conducted reconnaissance against UK parliamentarians in 2021.

In response to these threats, MI5 reportedly issued an 'espionage alert' to Parliament in November 2025. Furthermore, in December 2025, the UK sanctioned two China-based technology companies, Sichuan Anxun Information Technology Co. Ltd (i-Soon) and Integrity Technology Group Incorporated (Integrity Tech), for their alleged involvement in 'reckless and indiscriminate cyberattacks' against the UK and its allies. The UK and Chinese governments have also reportedly established a 'Cyber Dialogue' forum to directly address allegations of cyberattacks.

International Context and China's Denial

The alleged hacking of UK officials is part of a broader global cyber-espionage effort targeting telecommunications networks across multiple countries, including members of the Five Eyes intelligence alliance (United States, United Kingdom, Australia, Canada, and New Zealand). US officials reportedly alerted allies in 2024 after discovering that Chinese hacking groups had gained access to telecom companies worldwide, with US intelligence agencies believing these intrusions date back to at least 2021.

Despite the widespread allegations and evidence presented by Western nations, China's foreign ministry has consistently rejected these claims. They have described the accusations as 'baseless' and 'lacking evidence', asserting that China 'firmly opposes and cracks down on hacking activities in accordance with the law'.