News
According to a filing, attackers may have accessed data from 15,000 customers and employees
This week, Ericsson has revealed that a service provider that was storing the personal data of its US subsidiary, Ericsson Inc., has experienced a cyberattack.
The breach occurred between April 17 and 22, 2025 and was discovered six days later, on April 28.
Following discovery, the vendor notified the FBI and hired external cybersecurity experts to investigate.
This investigation was completed on February 23, 2026.
Data belonging to 15,661 individuals was compromised in the incident, with exposed data includes names, addresses, Social Security Numbers, Driver’s License numbers, government-issued ID numbers (e.g., passport, state ID cards), financial Information (e.g., account numbers, credit or debit card numbers), medical Information, and dates of birth.
No bad actor has yet taken responsibility for the attack and Ericsson says there is no evidence of misuse so far.
“Based on the investigation, our service provider determined that a limited subset of files may have been accessed or acquired without authorization between April 17, 2025 and April 22, 2025,” Ericsson said in statement to customers.
“As part of its investigation, it retained external data specialists to conduct a comprehensive review of the potential affected files to identify any personal information. That review was completed on February 23, 2026 at which time we determined that that some of your personal information was contained within the affected files.”
Ericsson is offering affected customers free IDX identity protection services, including credit monitoring, dark web monitoring, identity theft recovery, and a $1 million identity fraud loss reimbursement policy to those who enrol by June 9, 2026
Also in the news
World Communication Award Winners 2025
Ofcom clears the way for satellite-to-smartphone services
LG Uplus’s AI voice call app glitch leaks user data
