Ericsson recently disclosed a significant cybersecurity breach involving its U.S. subsidiary, Ericsson Inc. A third-party service provider storing sensitive personal data faced a cyberattack, potentially exposing the information of about 15,000 customers and employees. The breach occurred between April 17 and 22, 2025 and went unnoticed until it was detected on April 28, 2025.
Upon discovering the breach, the service provider promptly notified the FBI and enlisted external cybersecurity experts to investigate. The comprehensive investigation concluded on February 23, 2026, confirming the compromise of personal data. This included sensitive information like names, addresses, Social Security Numbers, driver’s licenses, government-issued IDs, financial records, medical data, and birthdates. Presently, there is no evidence of the data being misused, and no group or individual has claimed responsibility.
The investigation revealed access to a limited subset of files during the breach period. Ericsson expressed its concern over the incident, stating, “Based on the investigation, our service provider determined that a limited subset of files may have been accessed or acquired without authorization between April 17, 2025, and April 22, 2025.”
In response, Ericsson is offering affected individuals complimentary identity protection services via IDX. These services include credit and dark web monitoring, identity theft recovery assistance, and a $1 million identity fraud loss reimbursement for enrollees by June 9, 2026.
While this breach underscores potential vulnerabilities in utilizing third-party data storage services, it also highlights the swift measures taken post-discovery. The incident serves as a vivid reminder to all businesses of the importance of robust cybersecurity measures and proactive monitoring. Balancing the convenience of third-party solutions with stringent security protocols is essential in today’s digital landscape.
For telecommunications experts, this breach reiterates the importance of vigilance and ongoing investment in cybersecurity. As the industry continues to grow, ensuring the security and privacy of customer and employee information remains paramount.
