Chinese intelligence services have penetrated email systems used by staff members working for key committees in the United States House of Representatives, according to officials familiar with the matter, marking one of the most significant congressional cyber intrusions disclosed in recent years. The operation, known internally as Salt Typhoon, is described as part of a long-running cyber-espionage campaign attributed to China’s Ministry of State Security.

Sources with knowledge of the investigation said the breach affected email accounts used by congressional staff supporting the House China Committee, as well as aides associated with the Foreign Affairs Committee, the Intelligence Committee, and the Armed Services Committee. The unauthorized access was discovered in December, prompting federal authorities to begin a broader review of congressional digital security practices and potential exposure of sensitive communications.

Officials emphasized that the compromised accounts belonged to staffers rather than elected lawmakers, and it remains unclear whether the personal email accounts of members of Congress were accessed during the intrusion. Nonetheless, the targeting of committees responsible for national security, foreign policy, and intelligence oversight has raised concerns about the scale and intent of the operation. Investigators are continuing to assess what data may have been viewed or extracted and whether the intrusion enabled further access to internal government systems.

Salt Typhoon is believed to be part of a sustained cyber campaign that has targeted US communications infrastructure for several years. According to individuals familiar with the operation, the tools and methods linked to the campaign have allowed Chinese intelligence to exploit vulnerabilities in telecommunications networks, providing access to unencrypted phone calls, text messages, and voicemail traffic across the United States. In certain circumstances, the same infrastructure has reportedly been used to gain entry into email systems.

Security officials have also indicated that communications involving senior US government figures may have been intercepted as part of this broader effort, underscoring the persistent nature of the threat. While the full scope of the intercepted material has not been publicly detailed, authorities view the campaign as a strategic intelligence-gathering effort rather than a short-term or isolated attack.

The incident highlights ongoing challenges facing US institutions as foreign intelligence agencies increasingly rely on cyber tools to collect information. Lawmakers and security experts have repeatedly warned that congressional offices, which often operate with limited technical resources compared with executive branch agencies, can present attractive targets for sophisticated adversaries seeking insight into policy deliberations and legislative priorities.

Federal agencies responsible for cybersecurity and counterintelligence are coordinating with congressional officials to strengthen defenses, review access controls, and improve monitoring of digital systems. The breach is expected to intensify calls for additional investment in cybersecurity protections for legislative offices and for closer cooperation between Congress and national security agencies in responding to advanced cyber threats.

As investigations continue, officials have stressed that the episode serves as a reminder of the evolving nature of cyber espionage and the need for constant vigilance in protecting sensitive government communications.