Ericsson Breach Exposes Data of 15k Employees and Customers

Ericsson Breach Exposes Data of 15k Employees and Customers

https://www.infosecurity-magazine.com/news/ericsson-breach-exposes-data-15k/

Publish Date: 2026-03-10 11:00:00

Source Domain: www.infosecurity-magazine.com

A data breach affecting 15,661 Ericsson Inc. employees and customers has been disclosed after attackers compromised a third-party service provider used by the company.

The incident involved unauthorised access to files containing personal information, according to breach notifications filed with US state authorities.

Ericsson Inc. is the US subsidiary of Swedish telecommunications and networking firm, Telefonaktiebolaget LM Ericsson. The Stockholm-headquartered company employs nearly 90,000 people globally and provides network infrastructure, software and services to telecom operators.

The breach was reportedly detected on April 28, 2025, when the service provider identified suspicious activity on its systems. Investigators later determined that files may have been accessed without permission between April 17 and April 22, 2025.

Investigation and Scope of the Incident

The  Ericsson Inc. launched an investigation with the assistance of external cybersecurity specialists and also notified the FBI. A detailed review of potentially affected files was completed on February 23, confirming that personal information belonging to Ericsson employees and customers had been exposed.

“Based on the investigation, our service provider determined that a limited subset of files may have been accessed or acquired without authorization,” the company said. “As part of its investigation, it retained external data specialists to conduct a comprehensive review of the [potentially] affected files.”

Read more on data breaches: The 10 Biggest Data Breach Fines and Settlements of 2025

A filing with the Texas Attorney General on March 9 indicated that 4377 state residents were among those impacted. While the total number of affected individuals stands at 15,661, Ericsson noted that investigators have not identified evidence that the stolen information has been misused.

The types of data potentially exposed include:

• Names and addresses

• Social Security…

Source