Ericsson Inc., the U.S. subsidiary of Swedish networking and telecommunications large Ericsson, says attackers have stolen information belonging to an undisclosed variety of staff and prospects after hacking considered one of its service suppliers.
Headquartered in Stockholm and based in 1876, the mum or dad firm is a communications tech chief with practically 90,000 staff worldwide.
In data breach notification letters despatched to affected people and filed with the California Legal professional Basic on Monday, Ericsson stated {that a} service supplier who was storing private information for workers and prospects found a breach on April 28, 2025.
After detecting the incident, the service supplier notified the FBI and employed exterior cybersecurity specialists to evaluate the extent of the breach and its affect.
The investigation, which was accomplished final month, discovered that an undisclosed variety of people had their information uncovered within the incident. Nevertheless, Ericsson famous that the compromised supplier has but to seek out proof that the info has been misused because the breach.
“Based mostly on the investigation, our service supplier decided {that a} restricted subset of information might have been accessed or acquired with out authorization between April 17, 2025 and April 22, 2025,” Ericsson stated.
“As a part of its investigation, it retained exterior information specialists to conduct a complete overview of the potential affected information to determine any private data. That overview was accomplished on February 23, 2026 at which period we decided that that a few of your private data was contained throughout the affected information.”
In line with a submitting with the Texas Legal professional Basic, the breach impacted 4,377 people in Texas alone, whereas the uncovered data consists of affected people’ names, addresses, Social Safety Numbers, Driver’s License numbers, government-issued ID numbers (e.g., passport, state ID playing cards), monetary Data (e.g., account numbers, credit score or debit card numbers), medical Data, and dates of beginning.
Ericsson is now offering free IDX id safety providers, together with credit score monitoring, darkish net monitoring, id theft restoration, and a $1 million id fraud loss reimbursement coverage to affected individuals who enroll by June 9, 2026.
Though the corporate flagged this incident as an information theft assault, no cybercrime group has taken accountability for the breach. This raises the likelihood that both the service supplier paid the ransom demanded by the attackers or that the risk actors have been unable to attach the breach to Ericsson.
BleepingComputer reached out to an Ericcson spokesperson for extra particulars on the breach, together with the variety of affected people, however a response to those questions was not instantly obtainable.
Malware is getting smarter. The Crimson Report 2026 reveals how new threats use math to detect sandboxes and conceal in plain sight.
Obtain our evaluation of 1.1 million malicious samples to uncover the highest 10 strategies and see in case your security stack is blinded.
