Phones belonging to senior aides of former UK prime ministers, including Rishi Sunak and Boris Johnson, were allegedly hacked as part of a long-running Chinese espionage operation that penetrated the heart of Britain’s government, according to a report by The Telegraph.
The breach, which reportedly spanned several years, has raised fresh alarms about the security of communications inside Downing Street and comes at a politically sensitive moment, just days before Prime Minister Keir Starmer is due to visit China to reset trade and investment ties.
What is the alleged China-linked hacking operation?
The reported cyber intrusion is believed to be part of a broader Chinese espionage campaign targeting political and telecommunications infrastructure across multiple countries.
The Salt Typhoon operation explained
US intelligence agencies have linked the activity to a Chinese state-backed cyber operation known as Salt Typhoon. According to American officials, the campaign focused on infiltrating telecom networks, allowing hackers to quietly access sensitive metadata and communications over long periods.
Salt Typhoon has already been linked to breaches in the United States and other members of the Five Eyes intelligence alliance, which includes the UK, Australia, Canada, and New Zealand.
How Downing Street was affected
The Telegraph reported that mobile phones used by aides to Boris Johnson, Liz Truss, and Rishi Sunak were compromised between 2021 and 2024. While it remains unclear whether the prime ministers’ own devices were breached, a source familiar with the investigation said the intrusion reached “right into the heart of Downing Street”.
British officials have publicly acknowledged only a “cluster of activity” in the UK, but intelligence sources suggest repeated attempts to access government communications during Rishi Sunak’s tenure.
What data may have been exposed?
Even limited access to senior officials’ phones can have serious national security implications.
More than just messages
According to intelligence officials cited in the report, hackers may have accessed:
- Text messages and call logs
- Contact lists revealing internal networks
- Location data showing officials’ movements
- Metadata that can map relationships and routines
Security experts often warn that metadata can be as revealing as message content, allowing foreign intelligence agencies to build detailed profiles without reading a single text.
Why aides are prime targets
Aides and advisers often handle sensitive coordination, scheduling, and informal discussions. Compromising their devices can provide insight into policy debates, diplomatic planning, and crisis response, even if senior leaders’ phones remain secure.
How did the breach come to light?
The UK breaches were reportedly uncovered only in 2024, despite dating back several years.
US disclosure triggered wider investigations
The hacking activity surfaced after the United States disclosed that Chinese-linked actors had infiltrated telecom networks globally. This prompted allied governments, including the UK, to review their own systems.
The FBI warned last year that Chinese “state-sponsored cyber threat actors” were targeting telecommunications, government, and military networks. The bureau said the stolen data could allow Chinese intelligence to identify and track targets’ communications and movements worldwide.
MI5 and parliamentary warnings
Britain’s domestic intelligence service, MI5, warned Parliament in November about the growing threat of Chinese state espionage. More recently, a parliamentary intelligence committee criticized the government for lacking a clear China strategy and failing to respond effectively to the scale of the threat.
Why is the timing politically sensitive
The revelations come at an awkward moment for the UK government.
Starmer’s China visit under scrutiny
Prime Minister Keir Starmer is scheduled to visit China this week, the first such trip by a British prime minister since Theresa May in 2018. The visit aims to strengthen trade and investment ties, but critics argue it risks downplaying serious security concerns.
The government has also approved plans for a large Chinese embassy in London near sensitive communications infrastructure. That decision has drawn criticism from security experts and opposition figures who warn it could expose critical systems to surveillance.
Ongoing concerns about current leadership
US intelligence sources have suggested the Salt Typhoon operation may still be active. That raises the possibility that current Downing Street officials, including Starmer’s senior staff, could also have been targeted.
How China has responded
China has strongly denied the allegations.
Embassy statement rejects claims
A spokesperson for the Chinese embassy said China is a major victim of cyber espionage and does not support or condone cyberattacks. The statement accused Western governments of politicizing cybersecurity issues and making accusations without evidence.
Such denials are common in cases of alleged state-sponsored hacking, where direct attribution is difficult and often relies on classified intelligence.
Why this case matters beyond the UK
This episode highlights broader challenges facing democracies in an era of digital espionage.
Telecom networks as a weak point
Rather than hacking individual phones, sophisticated actors increasingly target telecom infrastructure itself. This approach allows access to vast amounts of data while remaining harder to detect.
Governments worldwide are now reassessing how much sensitive communication still travels over commercial networks.
A warning for allied nations
For the UK and its allies, the alleged Downing Street breach underscores the need for:
- Stronger encryption standards
- Reduced reliance on commercial networks for sensitive communications
- Clearer strategies for dealing with China as both an economic partner and a security risk
TL;DR
Phones used by aides to former UK prime ministers Boris Johnson, Liz Truss, and Rishi Sunak were allegedly hacked as part of a Chinese espionage operation known as Salt Typhoon. The breach, uncovered in 2024 but dating back to at least 2021, may have exposed sensitive government communications and metadata. The revelations come as Prime Minister Keir Starmer prepares for a high-stakes visit to China, intensifying debate over the balance between economic engagement and national security.
