Cyber Incident Victim: Ericsson

Between April 17 and April 22, 2025, a third‑party service provider that stored personal data for Ericsson Inc., the US subsidiary of Ericsson, experienced unauthorized access to its systems. The provider detected the breach and reported it six days later, on April 28, 2025. Following detection, the vendor notified the Federal Bureau of Investigation and engaged external cybersecurity experts to conduct an investigation. The investigation was concluded on February 23, 2026.

The provider’s review determined that a limited subset of files may have been accessed or acquired without authorization during the April 17‑22 window, exposing personal information of 15,661 individuals. The compromised data included names, addresses, Social Security Numbers, driver’s license numbers, government‑issued identification numbers such as passports or state IDs, financial information like account numbers and credit or debit card numbers, medical information, and dates of birth. Ericsson stated that there is no evidence of misuse of the exposed data so far and that no threat actor has claimed responsibility for the incident. The company also noted that it shares both employee and customer data with third‑party providers but has not specified which category was affected in this breach.

In a filing with the Maine Attorney General’s Office, Ericsson reported that the breach impacts roughly 15,000 individuals, aligning with the provider’s findings. To assist those affected, Ericsson is offering free IDX identity protection services, which encompass credit monitoring, dark web monitoring, identity theft recovery, and a $1 million identity fraud loss reimbursement policy for individuals who enroll by June 9, 2026. The company indicated that the provider’s investigation concluded on February 23, 2026, and that the review of potentially affected files was completed at that time, confirming that some personal information was contained within the accessed files.