On November 7, 2024, the Consumer Financial Protection Bureau (CFPB) issued a directive to its employees regarding the use of personal mobile devices for work-related communications.

The CFPB warned against conducting sensitive work calls via personal mobile devices, emphasizing the need for secure platforms like Microsoft Teams and Cisco WebEx for meetings involving nonpublic data.

While there is no evidence that the CFPB has been specifically targeted, the agency stressed the importance of compliance with security measures to mitigate potential risks.

The directive comes in the wake of a series of hacks by Salt Typhoon, a Chinese government-backed hacking group that has targeted major U.S. telecommunications companies.

Initial reports indicate that the attackers may have exfiltrated recorded phone audio and data from high-profile individuals, including those linked to U.S. presidential campaigns.

Recent cyber incidents, including a zero-day exploit in Cisco's NX-OS, underscore ongoing vulnerabilities that China-linked groups are exploiting.

This warning extends to contractors working for the CFPB, highlighting the seriousness of the situation.

Details about the Salt Typhoon intrusions remain largely undisclosed, but reports suggest that the group has gained access to sensitive communications and data from key U.S. political figures.

The directive reflects broader federal concerns regarding the extensive impact of Salt Typhoon's intrusions on U.S. government communications.

Experts are investigating whether the attackers accessed critical network components, although a Cisco representative stated there is currently no evidence of such involvement.

The Salt Typhoon campaign is characterized by intelligence gathering rather than infrastructure disruption, distinguishing it from other China-linked groups.

In response to the ongoing threat, U.S. officials have begun to limit their phone usage, reflecting heightened security concerns.