Ericsson Employee and Customer Data Exposed in Cybersecurity Breach
Data Breach at Third-Party Service Provider Exposes Ericsson Employee and Customer Information
A data breach at a third-party service provider has exposed sensitive personal information belonging to an undisclosed number of Ericsson employees and customers. The incident, which occurred between April 17 and April 22, 2025, was discovered on April 28, 2025, when the external provider detected unauthorized access to its systems.
Breach Details
According to Ericsson, the compromised provider was storing personal data on behalf of the company when attackers gained access to a subset of files without authorization. The company stated that the breach was limited to the service provider’s systems and did not affect Ericsson’s internal infrastructure.
According to Ericsson, the compromised provider was storing personal data on behalf of the company when attackers gained access to a subset of files without authorization.
An investigation into the breach, conducted by external cybersecurity specialists, revealed that the accessed files may have contained personal information, including names, addresses, Social Security numbers, driver’s license numbers, government-issued identification numbers, and dates of birth. Financial information, such as bank account numbers and credit or debit card numbers, was also potentially exposed. In some cases, medical information may have been included.
Impact and Response
A review of the compromised data, completed on February 23, 2026, confirmed that at least 4,377 individuals in Texas were affected by the breach. The total number of impacted individuals across all jurisdictions has not been publicly disclosed. Ericsson noted that while the data was accessed or acquired without authorization, t
About Author
English