Email systems used by staff members of several committees in the United States House of Representatives were accessed in a cyberespionage operation attributed to hackers linked to China, according to information reviewed by US authorities. The incident affected staff working on committees that handle foreign policy, national security, and defence matters.
The activity has been attributed to Salt Typhoon, a cyberespionage group associated with China. Salt Typhoon is known for targeting government and telecommunications networks to collect sensitive information. Investigators said the group gained access to email accounts used by congressional staff rather than the personal accounts of elected lawmakers.
The affected committees include the House China Committee, the House Foreign Affairs Committee, the House Intelligence Committee, and the House Armed Services Committee. These committees oversee legislation and investigations related to diplomacy, military policy, and intelligence operations. Officials said it remains unclear how many individual staff accounts were accessed.
US authorities identified the intrusion in late 2025 during routine security monitoring. The breach is understood to have involved unauthorised access to email communications rather than the disruption of systems. There has been no public indication that classified systems were affected.
Chinese officials rejected the claims. A spokesperson for the Chinese Embassy in Washington said the allegations lacked evidence and described them as unfounded. China has consistently denied involvement in state-sponsored hacking operations.
US government agencies have not released detailed findings from the investigation. Representatives for the affected House committees said they were aware of the issue and were working with federal cybersecurity officials to assess the scope and impact. The Federal Bureau of Investigation declined to comment publicly on the matter.
Congressional staff are considered high-value targets for foreign intelligence services because of their access to sensitive policy discussions and internal communications. Previous cyber incidents have shown that foreign actors often focus on email systems to gather insight into legislative priorities and diplomatic strategies.
The incident highlights ongoing concerns about the security of digital communications used by lawmakers and their aides. While Congress has increased investment in cybersecurity in recent years, staff offices often rely on shared systems that can present attractive targets for foreign intelligence operations.
US officials said the investigation is ongoing and that steps are being taken to strengthen protections around congressional email systems. No further details have been released about the methods used in the intrusion or the information that may have been accessed.