Ericsson's U.S. subsidiary recently disclosed a data breach resulting from a cyberattack on one of its external service providers. The incident led to the unauthorized access of personal data belonging to an undisclosed number of employees and customers.
The breach was first detected by the service provider on April 28, 2025, after they identified suspicious activity on their systems. Upon discovery, the provider immediately launched an investigation with the help of outside cybersecurity experts and notified the Federal Bureau of Investigation. The company also implemented new security measures to harden its infrastructure and prevent similar vulnerabilities from being exploited in the future.
The parent company, a Swedish multinational leader in telecommunications, plays a critical role in global infrastructure by providing 5G, cloud, and IoT solutions. Because it manages significant digital transformation and connectivity services for operators worldwide, any security incident involving its subsidiaries or partners is closely monitored. This specific breach highlights the ongoing risks associated with third-party vendors in the telecom sector.
A detailed forensic analysis revealed that the unauthorized access occurred over a five-day window between April 17 and April 22, 2025. Although the provider worked quickly to contain the threat, a subsequent review of the compromised files was a lengthy process that concluded in February 2026. This review confirmed that a specific subset of files containing personal information had been accessed, though no evidence of identity theft or data misuse has been reported so far.
In response to the exposure, Ericsson is providing affected individuals with identity protection services through a third-party monitor. These services include credit and dark web monitoring, recovery assistance, and insurance coverage for identity fraud losses, provided that individuals enroll before the June 2026 deadline. Despite the breach, no known ransomware groups have stepped forward to claim responsibility for the intrusion.
Source: Ericsson US Confirms Data Breach Following Third-Party Provider Attack