Ericsson US Unit Reports Data Breach Tied To Third-Party Service Provider

Ericsson’s U.S. subsidiary reported a data breach affecting employees and customers, caused by an unnamed service provider which occurred last April and said it contacted the FBI, but said an investigation found no evidence of misuse.

The U.S. subsidiary of Swedish multinational networking and telecommunications company Ericsson Monday sent notices to California and Texas state officials to report that private information of some of its employees and customers was breached.

Ericsson, in a letter to some of its employees and customers which was also posted on the state of California Department of Justice website, wrote that a limited subset of files may have been accessed or acquired without authorization between April 17 and April 22 of 2025.

Ericsson, responding to a CRN inquiry, wrote in an email that it was not Ericsson that was breached, but instead it was a vendor of the company’s that was actually breached.

The company did not respond with more details by press time.

Ericsson, in its California report, blamed the incident on an unnamed service provider, which then contacted the FBI.

“On April 28, 2025, our service provider became aware of a suspicious event that may have involved potential unauthorized access to certain data on their system. It promptly initiated an investigation with the assistance of external cybersecurity specialists. It also notified the Federal Bureau of Investigation and implemented measures to enhance security and minimize the risk of a similar incident occurring in the future,” the company wrote.

The private and personal data potentially exposed by the breach so far seems to have not been misused, Ericsson wrote.

“[The security] review was completed on February 23, 2026 at which time we determined that that some of your personal information was contained within the affected files. Please note that our service provider has represented to us that they have no evidence of the misuse of any potentially impacted information since the time of the incident,” the company wrote.

The letter as posted was a form letter with a number of fields incomplete, including the exact data elements impacted by the breach.

In addition to the letter posted with the state of California Department of Justice, Ericsson also reported the breach to the Texas attorney general’s office. In that report, Ericsson said 4,377 Texans were sent letters by mail. Information impacted by the breach, according to the report, included names, address social security number, driver’s license number, government-issued ID number such as passport or state ID card, financial information, medical information, and date of birth.

Ericsson said it is providing those impacted by the breach with complimentary identity protection services through IDX, include an unspecified number of months of credit monitoring, dark web monitoring, a $1 million identity fraud loss reimbursement policy, and fully managed identity theft recovery services, as long as they enroll in those services by this coming June 9.