FBI Declares China-Linked Hack of Surveillance Data System a 'Major Incident'

The FBI has declared a recent China-linked intrusion into a system containing sensitive law enforcement surveillance data a major incident, Politico reported Wednesday, citing sources familiar with the determination. The compromised system held pen register and trap and trace surveillance returns -- records that log the metadata of communications, including phone numbers dialed, call durations, and connection timestamps, without capturing the content of conversations. This data can be used to map the communications networks of surveillance targets and is considered highly sensitive by intelligence and law enforcement agencies. The FBI's designation of the breach as a major incident signals that the agency has determined hackers successfully exfiltrated significant volumes of data stored directly on its systems. Under federal cybersecurity policy, a major incident designation triggers mandatory reporting to congressional oversight bodies and the Office of Management and Budget. The breach is the latest in a series of Chinese state-linked intrusions into U.S. government and telecommunications infrastructure. The Salt Typhoon campaign, disclosed in late 2024, compromised major U.S. telecom carriers and gave Chinese intelligence access to call records and wiretap infrastructure. A separate operation attributed to China breached the U.S. Treasury Department. The exposure of FBI surveillance metadata is particularly sensitive because it could allow Chinese intelligence to identify which individuals and organizations are under U.S. law enforcement scrutiny, potentially alerting assets and compromising ongoing investigations. Politico reported the FBI's major incident declaration on April 1, 2026.