Suspected Chinese breach of FBI system exposed surveillance targets’ phone numbers

https://www.nextgov.com/cybersecurity/2026/04/suspected-chinese-breach-fbi-system-exposed-surveillance-targets-phone-numbers/412612/

Publish Date: 2026-04-03 12:17:00

Source Domain: www.nextgov.com

A suspected China-linked breach of an FBI surveillance system likely revealed phone numbers of targets being monitored by the bureau, according to a person familiar with a recent notification of the breach sent to Congress and a second person familiar with the matter. 

On February 17, the FBI began investigating abnormal activity in an unclassified system that stores pen register and trap-and-trace surveillance data, said the people, describing a Justice Department notice transmitted to Congress earlier this week. The agency has currently identified that phone numbers were exposed, the people said.

The DOJ assessed that, under standards codified in the Federal Information Security Modernization Act, the breach was a “major incident,” and remediation efforts are ongoing, the people added.

Pen register and trap-and-trace tools let the FBI collect metadata on who a target is communicating with, though they do not capture the content of those communications. 

Access to this data could allow foreign hackers to determine who the U.S. is surveilling. Phone numbers don’t necessarily reveal the identities of individuals, but they can be used to map relationships and build networks of associates and intelligence targets.

“The FBI, part of their job is counterintelligence,” said John Fokker, head of threat intelligence at Trellix and a former official in the Dutch National Police’s High-Tech Crime Unit. “So if they’re conducting any investigations on U.S. soil against, maybe some Chinese spies … that could be interesting for a party like the Chinese or the Russians, it could be anyone, just to get an inside look. It can give them a heads up of who they need to cut ties with, or bring back, or if their asset is compromised.”

Politico first reported the details of the breach involving targets’ phone numbers and the “major incident” determination under FISMA. The Wall Street Journal reported a suspected Chinese nexus to the hack. Nextgov/FCW has not…
