WASHINGTON — U.S. House officials and federal investigators are reviewing reports that staff email systems tied to several powerful House committees were compromised in an intrusion linked to Salt Typhoon, a hacking campaign widely attributed to China. The alleged breach, detected in December and reported publicly this week, has renewed concerns that core government communications remain exposed even after years of warnings about Salt Typhoon tactics, Jan. 10, 2026.
What investigators say about Salt Typhoon and the House email claims
The report, first detailed by the Financial Times account of the suspected intrusion, said attackers accessed email systems used by some staffers on the House China committee and aides on committees covering foreign affairs, intelligence and the armed services. Reuters reported it could not independently verify the claims, and the report did not identify which staffers were targeted or whether any lawmakers’ emails were accessed.
In a separate response, China rejected the accusations. At a regular briefing in Beijing, Foreign Ministry spokesperson Mao Ning said China opposes hacking and also opposes what she called “politically motivated disinformation” about China. The statement followed questions about the alleged Salt Typhoon activity aimed at congressional staff.
Salt Typhoon and the risk to congressional oversight work
Even without confirmation of data theft, cybersecurity specialists say congressional staff inboxes are high-value targets because committee aides routinely handle sensitive briefings, draft legislation and communicate with executive-branch agencies. Nextgov/FCW reported that key details remain unclear, including who was targeted and whether emails were exfiltrated, as agencies and congressional offices weigh the scope of the suspected Salt Typhoon activity.
The House committees cited in the reports oversee national security, intelligence collection, defense spending and U.S. policy toward China — areas that foreign intelligence services have long sought to map through cyberespionage. The episode also comes amid broader U.S. scrutiny of telecom and cloud-service vulnerabilities that can enable long-dwell access and surveillance associated with Salt Typhoon-style operations.
Earlier Salt Typhoon warnings add context
The alleged House email breach would extend a pattern described in earlier public reporting and government actions. In late 2024, the White House confirmed a ninth U.S. telecom company had been hit in what officials described as a wide-ranging Salt Typhoon espionage campaign affecting calls and texts.
In January 2025, the Treasury Department announced sanctions that included a China-based cybersecurity company it said had direct involvement with the Salt Typhoon cyber group. The Congressional Research Service later outlined how the Salt Typhoon telecom intrusions and federal response could shape Congress’ cybersecurity and risk-management choices.
For now, officials have not publicly described what systems were affected on Capitol Hill, what security controls were bypassed, or what remediation steps are underway. But the allegations have already intensified calls from lawmakers and cybersecurity advocates for faster threat-hunting, stronger authentication and clearer incident reporting across the legislative branch — steps aimed at making the next Salt Typhoon-style operation harder to execute and easier to detect.
