China hacked the mobile phones of senior officials in Downing Street for several years, The Telegraph has reported.

The spying operation is understood to have compromised senior members of the government, exposing their private communications to Beijing.

State-sponsored hackers are known to have targeted the phones of some of the closest aides to Boris Johnson, Liz Truss and Rishi Sunak between 2021 and 2024.

Breach went ‘right into the heart of Downing Street’

It is unclear whether the hack included the mobile phones of the prime ministers themselves, but one source with knowledge of the breach said it went “right into the heart of Downing Street.”

Intelligence sources in the US indicated that the Chinese espionage operation, known as Salt Typhoon, was ongoing, raising the possibility that Sir Keir Starmer and his senior staff may also have been exposed. MI5 issued an “espionage alert” to Parliament in November about the threat of spying from the Chinese state.

Sir Keir departs for China this week – the first visit by a British prime minister since Baroness May in 2018 – to secure trade and investment ties with Beijing.

His trip follows the Government’s decision to approve plans for a Chinese mega-embassy in London, which The Express revealed would be located alongside some of the City’s most sensitive communications cables.

Critics accuse Labour of ‘simpering to Xi’

Critics have accused Labour of jeopardizing national security by taking a soft line on hostile Chinese activity in the hope of securing trade deals with the world’s second-largest economy.

Alicia Kearns, a shadow minister for national security and one of the alleged targets of the Westminster spy case, in which two men were charged with passing sensitive intelligence from Parliament to the Chinese government, said: “How much more evidence does this Government need before it ends its simpering to Xi and stands tall as the great country we are and defends us? Labour is rewarding hostile acts against our state.”

The attack raises the possibility that Chinese spies could have read text messages or listened to calls involving senior members of the Government.

Even if they were unable to eavesdrop on calls, hackers may have gained access to metadata, revealing who officials were in contact with and how frequently, as well as geolocation data showing their approximate whereabouts.

Global espionage operation targeted Five Eyes alliance

The Downing Street hack formed part of a global espionage operation by Beijing that targeted multiple countries, including the United States and the other three members of the Five Eyes intelligence alliance: Australia, Canada and New Zealand.

The breaches date back to at least 2021, but intelligence agencies discovered them only in 2024.

They came to light when the US disclosed that hacking groups linked to Beijing had gained access to telecommunications companies around the world.

This gave China access to the phone data of millions of people, offering intelligence officers the ability to eavesdrop on calls, read text messages and potentially track users’ locations.

Hackers had ability to ‘record phone calls at will’

The hackers also had the ability to “record phone calls at will”, according to Anne Neuberger, who was a deputy US national security adviser at the time.

China’s foreign ministry has previously dismissed the claims as “baseless” and “lacking evidence.”

It remains unclear precisely what information Chinese hackers obtained from the phones of Downing Street staff.

Intelligence sources suggested that Britain’s telecommunications networks were better protected than those in the US, saying the UK had been more “on the ball” about network security.

They cited the 2021 Telecommunications Security Act, which introduced new legal duties on telecoms firms to strengthen the security of UK networks.

However, one senior US official told The Telegraph that the global breach was part of “one of maybe the more successful campaigns in the history of espionage.”

FBI warns of persistent long-term access

In a public alert last year, the FBI warned that Chinese “state-sponsored cyber threat actors” were targeting global networks, including telecommunications, government and military infrastructure.

The stolen data “ultimately can provide Chinese intelligence services with the capability to identify and track their targets’ communications and movements around the world”, the alert said.

It added that hackers often “maintain persistent, long-term access” to networks, raising the possibility that the activity was ongoing.

The public advisory was co-signed by intelligence agencies from numerous countries, including the UK’s National Cyber Security Centre, the public-facing arm of GCHQ.

However, the only official confirmation that the Government has given that the UK was affected by Salt Typhoon is a vague reference to a “cluster of activity” in the UK.

By contrast, US officials have been vocal about the scale of the breach, admitting that Chinese hackers targeted Donald Trump, JD Vance and Kamala Harris in the run-up to the 2024 presidential election.

Multiple attacks targeted Sunak government

The Telegraph reported there were “many” different hacking attacks on the phones of Downing Street staff and across wider government, particularly during the tenure of Mr Sunak, who was prime minister from 2022 to 2024.

While serving as technology secretary last year, Peter Kyle said after coming into office that he “became very, very aware that there was a cybersecurity challenge that our country faced that I simply wasn’t aware of before becoming secretary of state.”

Dakota Cary, from the Atlantic Council’s Global China Hub, a US think tank focused on China’s threat, said: “Salt Typhoon has focused on telecommunications firms and the back-end of those networks so that they can pick up communications between individuals.

“We know that China has been interested in getting political intelligence on MPs and decision-making in British politics,” he said, citing the recent Westminster spy case.

Salt Typhoon ‘one of most prominent names’ in cyber-espionage

Western intelligence agencies describe Beijing as among the most skilled and aggressive adversaries in signals intelligence and cyber warfare.

Yuval Wollman, a former Israeli intelligence chief, said Salt Typhoon was “one of the most prominent names” in the cyber-espionage world.

Mr Wollman, now president of cybersecurity platform CyberProof, said: “While much of the public reporting has focused on US targets, Salt Typhoon’s operations have extended into Europe, the Middle East and Africa, where it has targeted telecoms firms, government entities and technology companies.”

He added that the operations were “highly targeted, with confirmed breaches across multiple regions, including UK critical infrastructure in 2023 and 2024.”

No China strategy

The strategic espionage campaign collected “communications routing and geolocation metadata from government and defense systems”, he said.

Last month, Parliament’s Intelligence and Security Committee found that the “Government has no strategy on China, let alone an effective one”, and was “singularly failing to deploy a ‘whole-of-state’ approach” in responding to the threat.

The Express reached out to Downing Street via its contact form for comment.

A spokesman for the Chinese embassy said: “China is a staunch defender of cyber security and one of the major victims of cyber espionage and attacks.

“We have been resolute in combating all kinds of malign cyber activities in accordance with the law, and never encourage, support or condone cyberattacks.

“We firmly oppose the practice of politicizing cybersecurity issues or accusing other countries without evidence.”