In early October, several news outlets reported on an attack affecting AT&T, Cisco, Verizon, and potentially other operators and carried out with apparent involvement by the Chinese state. Reports indicated that the hack might have resulted in access to or exfiltration of information relating to wiretap targets of law enforcement. This kind of information is extremely sensitive, and the fact that a foreign power might have had access to it is of concern to all of us as American citizens.
WHY IT MATTERS
There is no secret about nation-states (perhaps especially China) being involved in or sponsoring cyber espionage. This is warfare for the post-Cold War era. It is especially disturbing, however, to see those capabilities turned against our communication networks. The fact that this may involve access to information about wiretap targets is a sobering reminder that information security is only as good as the weakest link in the chain. Neither we as consumers/citizens, nor law enforcement, can ensure that private actors keep information about us secure and confidential.
Of additional interest is the fact that AT&T, Verizon, et al. are carriers of corporate confidential information (in email and other messaging, for instance), not just consumer information. News reports are not focused on how this aspect of their business might have been affected by the hack. It is a good reminder that knowing your rights and remedies as a customer can be critical; whether a vendor must report these kinds of incidents to you and work with you to fix them can be extremely important if they are privy to your sensitive or confidential information.