TL;DR: Norway's Police Security Service confirmed on February 6 that Chinese state-backed hackers (the same Salt Typhoon group that burrowed into AT&T, Verizon, and at least seven other US telecom companies) successfully breached Norwegian organizations by exploiting vulnerable network devices. Norway's intelligence chief called it the country's "most serious security situation since World War II." Meanwhile in Washington, Senator Maria Cantwell revealed that AT&T and Verizon are actively blocking Congress from seeing security assessments about the very same hack. One allied nation is sounding the alarm. The two biggest US telecoms are hiding behind their lawyers.

Norway Drops the Bomb

On February 6, 2026, Norway's Police Security Service (PST) released its annual threat assessment. Buried in it was a confirmation that should have led every news cycle: Salt Typhoon hackers exploited vulnerable network devices inside Norwegian organizations [1].

PST Director General Beate Gangås didn't mince words. Norway is "facing its most serious security situation since World War II," she said, pointing to relentless pressure from Chinese, Russian, and Iranian intelligence services [2].

The assessment named China's cyber threat as "substantial" and called cyberspace "the primary intelligence threat from China" in Norway. Chinese intelligence services have "strengthened their ability to operate in Norway," the PST warned, including "through cyber operations and human intelligence collection" [2].

They didn't name specific victims. But the targets fit Salt Typhoon's pattern: telecom infrastructure, critical services, anything with a network device exposed to the internet.

What Salt Typhoon Actually Did

If you haven't been tracking Salt Typhoon, here's the short version: Chinese government hackers, operating under China's Ministry of State Security, penetrated the networks of at least nine US telecom companies, including AT&T, Verizon, T-Mobile, and Lumen Technologies. The FBI says they targeted more than 200 organizations across 80 countries [3].

What they got access to is staggering:

  • Metadata from calls and texts of over a million users, mostly in the Washington D.C. area
  • Actual audio recordings of phone calls from high-profile targets, including staff from both the 2024 Trump and Harris presidential campaigns
  • CALEA wiretap systems: the infrastructure US law enforcement and intelligence agencies use for court-authorized surveillance
  • Potentially, email accounts used by congressional staff

Read that list again. Chinese intelligence officers accessed the same systems the FBI uses to conduct wiretaps. They didn't just spy on Americans: they hijacked the surveillance infrastructure itself.

They Might Still Be In There

Here's the part that makes this worse. Despite months of remediation, security experts believe Salt Typhoon hackers may still be inside US telecom networks [4]. Neither AT&T nor Verizon has been able to definitively prove they've been kicked out.

And it gets more infuriating. On February 5, 2026, Senator Maria Cantwell, ranking member of the Senate Commerce Committee, revealed that both AT&T and Verizon are blocking the release of security assessments about the hack [5]. Both companies acknowledge these reports exist. They just won't let Congress or the public see them.

"AT&T and Verizon CEOs need to come clean," Cantwell said, demanding the companies appear before the committee to explain why they're withholding reports about a breach that compromised the communications of American citizens [5].

Let that sink in. A European allied nation's intelligence service is being more transparent about Salt Typhoon than America's two largest telecom companies.

Europe Is Waking Up

Norway's confirmation matters because it shatters the fiction that Salt Typhoon was an American problem. This is a global espionage operation. Norway is a NATO founding member, shares an Arctic border with Russia, and hosts critical undersea cable infrastructure connecting Europe and North America. If you wanted to monitor European communications, Norwegian network devices would be a smart starting point.

The PST assessment also warned that China is "systematically" using collaborative research and development projects to enhance military and security capabilities, meaning partnerships between Norwegian universities, tech companies, and Chinese entities may be feeding directly into China's intelligence apparatus [2].

PST called for "closer cooperation between authorities and the private sector, particularly operators of critical infrastructure." Translation: your telecom provider might already be compromised, and we need them to actually tell us about it [2].

What This Means for You

If you're thinking "I'm not a politician, this doesn't affect me," wrong. Salt Typhoon compromised metadata from over a million users. That's who you called, when, for how long, and where you were when you made the call. You don't need to be a senator to end up in that dragnet.

And the CALEA wiretap access is genuinely terrifying. These systems exist so that law enforcement can conduct court-authorized surveillance. Chinese hackers compromised them. That means the infrastructure designed to protect you (with judicial oversight and legal safeguards) was turned into an intelligence collection tool for a foreign government.

Here's what you can do right now:

  • Use end-to-end encrypted messaging. Signal, not SMS. Not regular phone calls. If your telecom's network is compromised, your texts and calls are exposed. Encrypted messengers bypass that entirely.
  • Enable two-factor authentication everywhere, but use an authenticator app, not SMS-based 2FA. SMS travels over the same networks Salt Typhoon compromised.
  • Assume your call metadata is already collected. Who you called, when, and for how long. Act accordingly.
  • Demand transparency from your carrier. AT&T and Verizon have over 200 million combined subscribers. Those subscribers deserve to know whether their provider's network is still compromised.

The Transparency Gap

Norway's PST published its findings in an annual report available to the public. They named Salt Typhoon. They described the threat in plain language. They told their citizens what was happening.

In the United States, the two companies that were most deeply penetrated, AT&T and Verizon, are lawyering up to keep their security reports away from the senators trying to protect their customers. These are companies that collect your location data, your call records, your browsing habits. They got hacked by a foreign government. And they won't tell you how bad it was.

One country has a population of 5.5 million. The other has 330 million. Guess which one is being more honest with its citizens about the threat.

Sources

  1. TechCrunch: "China's Salt Typhoon hackers broke into Norwegian companies" (February 6, 2026)
  2. The Record: "Norwegian intelligence discloses country hit by Salt Typhoon campaign" (February 6, 2026)
  3. Senate Commerce Committee: "Cantwell Demands AT&T, Verizon CEOs Come Clean on Salt Typhoon Hacks" (February 2026)
  4. CyberScoop: "Cantwell claims telecoms blocked release of Salt Typhoon report" (February 2026)
  5. Nextgov: "Senator says AT&T and Verizon blocked release of Salt Typhoon security reports" (February 2026)
  6. GovInfoSecurity: "Norway Says Salt Typhoon Hackers Hit Vulnerable Systems" (February 2026)