Chinese Hackers Breached FBI Network Holding Wiretap and Surveillance Data


Chinese state-affiliated hackers have breached an FBI computer network that holds information related to domestic surveillance orders, including wiretap data, according to a Wall Street Journal report. The FBI discovered “suspicious activity” on its own systems, and the U.S. has officially identified China as the prime suspect in the breach.

This isn’t just another government hack. This is the agency responsible for conducting surveillance on threats to national security getting its own surveillance infrastructure compromised by the very country it’s supposed to be watching.

What Was Breached

The compromised FBI network contained information related to some domestic surveillance orders — the legal mechanisms that authorize law enforcement to wiretap phones, monitor communications, and conduct electronic surveillance on suspects within the United States. While the full scope of the breach is still being assessed, the mere fact that foreign hackers accessed a system containing this kind of data is a worst-case scenario for U.S. intelligence.

The information in these systems could reveal:

  • Who the FBI is surveilling — foreign agents, terror suspects, or persons of interest operating on U.S. soil
  • The methods and tools used for domestic surveillance operations
  • Court-authorized wiretap orders and the legal justifications behind them
  • Intelligence sources and techniques that are supposed to remain classified

If Chinese intelligence now knows who the FBI is watching and how, they can warn their operatives, change their communication methods, and effectively blind U.S. counterintelligence efforts.

The Salt Typhoon Connection

This breach doesn’t exist in a vacuum. It follows the devastating Salt Typhoon campaign of 2024-2025, in which Chinese hackers infiltrated major U.S. telecommunications networks including AT&T, Verizon, and T-Mobile. That campaign gave Chinese intelligence access to the communication metadata — and in some cases, actual content — of millions of Americans, including senior government officials.

The pattern is clear: China isn’t just hacking random government systems. It’s systematically targeting the infrastructure America uses to spy on its adversaries. First the telecom networks that carry the communications. Now the FBI systems that authorize and track the surveillance itself.

Trump’s Cyber Strategy: Offense as Defense

The FBI breach comes the same week the Trump administration released its new cybersecurity strategy, which prioritizes offensive operations, AI-powered security, and regulatory streamlining. The timing feels less like coincidence and more like an exclamation point on why the strategy was needed.

The new cyber executive order directs officials to identify tools to combat transnational criminal organizations and state-sponsored hacking groups. It also emphasizes deregulation — reducing the compliance burden on companies while investing in offensive cyber capabilities that can hit back at attackers.

Meanwhile, Google’s Threat Intelligence Group documented 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024. Commercial spyware vendors and China-linked groups led the exploitation. The threat landscape isn’t just growing — it’s accelerating.

A Growing List of Chinese Cyber Operations

The FBI breach is the latest in a long series of Chinese cyber operations against U.S. targets:

  • Salt Typhoon (2024-2025) — Infiltrated AT&T, Verizon, T-Mobile, and other telecom providers, accessing call metadata and communications of senior officials
  • Volt Typhoon (2023-2024) — Pre-positioned access inside U.S. critical infrastructure including water systems, power grids, and transportation networks, relying largely on living-off-the-land techniques (built-in admin tools and valid credentials rather than custom malware) so the activity blended in with legitimate operations
  • OPM Hack (2015) — Stole 22 million federal employee records including security clearance data
  • Equifax Hack (2017) — Four Chinese military officers indicted for stealing 145 million Americans’ personal data

Each of these campaigns targeted a different piece of America’s security apparatus. Together, they paint a picture of a systematic, decade-long effort to map, penetrate, and potentially disable U.S. intelligence and infrastructure capabilities.

What Happens Next

The U.S. has launched a formal investigation into the breach, though details remain classified. The bigger question is what this means for the FBI's ongoing surveillance programs. What has been reported so far is that the intruders accessed the data, which is a confidentiality breach; whether any records were altered is a separate integrity question the investigation will have to answer. If the integrity of the surveillance order database turns out to have been compromised, every active investigation that relies on wiretap evidence could face legal challenges.

Defense attorneys are certainly going to ask: if China had access to the FBI’s surveillance system, how can the government guarantee the integrity of any evidence collected through it?

The Bottom Line

The FBI getting hacked by China is bad enough. The FBI’s surveillance network getting hacked by China is a category-five intelligence disaster. It means the watchers were being watched, and they didn’t even know it.

The U.S. spends hundreds of billions on national security, and yet the agency at the center of domestic counterintelligence couldn’t keep its own wiretap database secure from the exact adversary it’s designed to monitor. If that doesn’t justify the new administration’s push for offensive cyber capabilities, nothing will.