Canadian Media Giant Rogers Named as Victim of Chinese Telecom Hackers
Rogers Communications, Canada's top wireless provider with over 20 million subscribers across its various services, has been identified as a victim of the Salt Typhoon hacking group. The notorious cyber threat actor, which has targeted dozens of communications firms worldwide, has left the Canadian media giant reeling in its wake.
The news comes at a time when Rogers is among those required to comply with Canadian "lawful access" inquiries, a set of laws that let federal investigators compel providers to turn over communications metadata on individuals suspected of criminal activity, hacking, or espionage. In 2023, the company disclosed data on some 162,000 customers to authorities under lawful access requests backed by warrants and government orders.
The Salt Typhoon campaign, which likely began around two to three years ago, has expanded rapidly since its discovery last year. The group, known for targeting telecommunications firms worldwide, has gone after those same wiretap environments in the U.S., including President Donald Trump's communications during his run for the White House last year.
The Canadian Centre for Cyber Security (CCCS) recently released a bulletin warning that Salt Typhoon was targeting telecommunications firms in the country. "Three network devices registered to a Canadian telecommunications company were compromised by likely Salt Typhoon actors in mid-February 2025," says the bulletin, which doesn't name the firm.
Experts point to a 2023 vulnerability in Cisco routers as a potential entry point for the hackers. Cisco equipment that has not been patched with the latest security updates has provided a wide access point into various communications systems, according to earlier assessments. However, it's worth noting that while there have been reports of Salt Typhoon abusing other known vulnerabilities, the CCCS has not identified any evidence to confirm these claims.
Other notable targets of the Salt Typhoon campaign include Comcast and data center giant Digital Realty, which were marked as likely victims by U.S. security agencies last month. Satellite provider Viasat was also accessed by the hackers, according to Bloomberg News.
A Threat to Global Communications
The group's motivations are twofold: they want worldwide communications supremacy and access to sensitive information that can reveal private deliberations of government officials or contractors involved in national security work. With its extensive reach across multiple countries, Salt Typhoon poses a significant threat to the global communications landscape.
Industry Response
Rogers has denied allegations that it was compromised by Salt Typhoon, stating that these claims are "false" and have been verified by two independent cybersecurity firms. The company added that it partners with government and industry to proactively monitor and investigate potential threats.
The CCCS also emphasized its commitment to ensuring the security of Canadian critical telecommunications infrastructure. Through the Canadian Security Telecommunications Advisory Committee (CSTAC), the CCCS regularly engages with Canadian telecommunications service providers and key equipment suppliers to help ensure their networks are secure.
What's at Stake?
The impact of this hacking campaign on Rogers and other targeted companies is significant, given their extensive reach and reliance on vulnerable networks. As governments and cybersecurity experts scramble to respond to the Salt Typhoon threat, one thing is clear: the stakes have never been higher in the world of global communications.