Ericsson US confirms breach after third-party provider attack
March 10, 2026 
Ericsson US reports a data breach after attackers hacked a service provider, exposing employee and customer information.
Ericsson Inc., the U.S. branch of the Swedish telecom giant, disclosed a data breach after a service provider was hacked. The attack compromised the personal information of an unspecified number of employees and customers.
“On April 28, 2025, our service provider became aware of a suspicious event that may have involved potential unauthorized access to certain data on their system. It promptly initiated an investigation with the assistance of external cybersecurity specialists.” reads the data breach notification letter shared with the California Attorney General. “It also notified the Federal Bureau of Investigation and implemented measures to enhance security and minimize the risk of a similar incident occurring in the future.”
Ericsson is a Swedish multinational networking and telecommunications company that provides mobile and fixed network infrastructure, software, and services. It supports telecom operators worldwide with 5G, IoT, and cloud solutions, enabling connectivity, digital transformation, and advanced communication technologies.
Between April 17 and 22, 2025, a service provider experienced potential unauthorized access to certain files. After the breach, the service provider notified the FBI and started investigating the incident with the help of cybersecurity experts. The investigation found that some data was exposed, but no misuse has been detected to date.
“Based on the investigation, our service provider determined that a limited subset of files may have been accessed or acquired without authorization between April 17, 2025 and April 22, 2025,” continues the notification. “As part of its investigation, it retained external data specialists to conduct a comprehensive review of the potential affected files to identify any personal information. That review was completed on February 23, 2026 at which time we determined that that some of your personal information was contained within the affected files.”
The company offers affected individuals complimentary identity protection services through IDX, including credit monitoring, dark web monitoring, identity theft recovery, and a $1 million identity fraud loss reimbursement policy, available to those who enroll by June 9, 2026.
At this time, no ransomware group claimed responsibility for the breach.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, Ericsson)
