Canadian media giant Rogers named as victim of Chinese telecom hackers
Canadian telecom and mass media provider Rogers Communications was identified as a firm ensnared by a major Chinese hacking group that has targeted dozens of communications firms worldwide, according to two people familiar with the matter.
The group, known as Salt Typhoon, was discovered inside a batch of American telecom operators last year and first brought to light by the Wall Street Journal in late September. The campaign likely began around two to three years ago and has expanded rapidly since.
It’s not immediately clear what data, assets or other information were pilfered from Rogers networks. The people spoke on the condition of anonymity because the matter is sensitive.
“We have not seen any evidence. As part of ongoing work, we partner with government and industry to proactively monitor and investigate potential threats,” a company spokesperson said.
Nextgov/FCW has also reached out to the Canadian Centre for Cyber Security for comment.
Rogers is the country’s top wireless provider and boasts some 20 million subscribers across its various services, a company webpage says. Over 60% percent of Canadian households rely on its internet, it notes. It also has extensive contracts with Canada’s government.
Canada, like many countries with robust telecom networks, has laws that let federal investigators compel providers to turn over communications metadata on individuals suspected of criminal activity, hacking or espionage. Rogers is among those required to comply with these Canadian “lawful access” inquiries.
In 2023, the company disclosed data on some 162,000 customers to authorities under lawful access requests backed by warrants and government orders, a transparency report shows.
Salt Typhoon has gone after those same wiretap environments in the U.S., and likely abused those platforms when it directly targeted the communications of President Donald Trump and Vice President JD Vance during their run for the White House last year.
Last month, Canada’s cybersecurity agency released a bulletin warning that Salt Typhoon was targeting telecommunications firms in the country. “Three network devices registered to a Canadian telecommunications company were compromised by likely Salt Typhoon actors in mid-February 2025,” says the bulletin, which doesn’t name the firm.
The agency identified a 2023 vulnerability in Cisco routers that was used as an access point into the unnamed Canadian provider. Cisco equipment that has not been patched with the latest security updates has provided the Chinese telecom hackers with a wide access point into various communications systems, according to earlier assessments.
That same 2023 vulnerability is detailed in a Cisco threat intelligence blog released in February.
“While there have been some reports that Salt Typhoon is abusing three other known Cisco vulnerabilities, we have not identified any evidence to confirm these claims,” the blog said at the time, referring to the 2023 vulnerability in question, as well as two other flaws disclosed in 2018 and 2024.
U.S. security agencies marked Comcast and data center giant Digital Realty as likely Salt Typhoon victims, Nextgov/FCW reported last month. Comcast, notably, has a robust product partnership with Rogers. The same month, Bloomberg News also reported that satellite provider Viasat was accessed by the hackers.
Cyber authorities have sought to monitor and hamper Salt Typhoon’s infiltrations into communications networks, but the group has still succeeded in going global, targeting telecom units based in the United Kingdom, South Africa and Myanmar, among others nations.
Communications data is widely considered a prized intelligence target because it lets spies glimpse into the private deliberations of government officials or contractors involved in sensitive national security work.
“They want worldwide communications supremacy,” said a person familiar with the hacking unit’s activity, who was granted anonymity to speak candidly about the scope and scale of the Chinese hackers’ movements.
