nextgov.com - July 9, 2025 09:30 AM ET
Rogers is Canada’s top wireless provider and is among that nation’s core telecom firms mandated to comply with Canadian lawful access rules, which require them to share user data with investigators.
Canadian telecom and mass media provider Rogers Communications was identified as a firm ensnared by a major Chinese hacking group that has targeted dozens of communications firms worldwide, according to two people familiar with the matter.
The group, known as Salt Typhoon, was discovered inside a batch of American telecom operators last year and first brought to light by the Wall Street Journal in late September. The campaign likely began around two to three years ago and has expanded rapidly since.
It’s not immediately clear what data, assets or other information were pilfered from Rogers networks. The people spoke on the condition of anonymity because the matter is sensitive.
“These allegations are false. We were not compromised by Salt Typhoon and this has been verified by two independent cyber security firms. As part of ongoing work, we partner with government and industry to proactively monitor and investigate potential threats,” a company spokesperson said.
"It’s important to note that if the Cyber Centre is aware of cyber threat activity in Canada, we alert the organization and provide mitigation support, advice and guidance," a spokesperson for the Canadian Centre for Cyber Security said, noting that they do not comment on specific or alleged cyber incidents but pointing to advisories they have issued about the threat posed by Salt Typhoon.
"Through the Canadian Security Telecommunications Advisory Committee (CSTAC), the Cyber Centre and its government partners regularly and actively engage with Canadian telecommunications service providers and key equipment suppliers to help ensure the security of Canadian critical telecommunications infrastructure," they said.
Rogers is the country’s top wireless provider and boasts some 20 million subscribers across its various services, a company webpage says. Over 60% percent of Canadian households rely on its internet, it notes. It also has extensive contracts with Canada’s government.
Canada, like many countries with robust telecom networks, has laws that let federal investigators compel providers to turn over communications metadata on individuals suspected of criminal activity, hacking or espionage. Rogers is among those required to comply with these Canadian “lawful access” inquiries.
In 2023, the company disclosed data on some 162,000 customers to authorities under lawful access requests backed by warrants and government orders, a transparency report shows.
Salt Typhoon has gone after those same wiretap environments in the U.S., and likely abused those platforms when it directly targeted the communications of President Donald Trump and Vice President JD Vance during their run for the White House last year.
Last month, Canada’s cybersecurity agency released a bulletin warning that Salt Typhoon was targeting telecommunications firms in the country. “Three network devices registered to a Canadian telecommunications company were compromised by likely Salt Typhoon actors in mid-February 2025,” says the bulletin, which doesn’t name the firm.
The agency identified a 2023 vulnerability in Cisco routers that was used as an access point into the unnamed Canadian provider. Cisco equipment that has not been patched with the latest security updates has provided the Chinese telecom hackers with a wide access point into various communications systems, according to earlier assessments.
That same 2023 vulnerability is detailed in a Cisco threat intelligence blog released in February.
