Ericsson Discloses Major Data Breach Impacting Employees and Customers
Swedish telecommunications giant Ericsson has confirmed a cyber incident in April 2025 that may have compromised sensitive personal and financial data belonging to employees and customers. The breach, disclosed in a formal notification to the California Attorney General’s office, exposed names, addresses, phone numbers, Social Security numbers, driver’s license details, and in some cases, credit card information and medical data.
Ericsson attributed the attack to a state-sponsored threat actor, though it did not publicly identify the group. Such actors typically target large corporations for espionage, fraud, or other malicious purposes. Following the breach, the company launched an internal investigation with cybersecurity experts to assess the scope and reinforce its security measures.
To mitigate potential harm, Ericsson is offering affected individuals free identity protection services through IDX, including credit and dark web monitoring, as well as identity theft recovery support. Eligible individuals can also receive up to $1 million in identity fraud reimbursement. Those impacted have until June 9, 2026, to register for these services.
The company has stated it is enhancing its cybersecurity protocols to prevent future incidents.
Ericsson cybersecurity rating report: https://www.rankiteo.com/company/ericsson
"id": "ERI1773160822",
"linkid": "ericsson",
"type": "Breach",
"date": "4/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Employees and customers',
'industry': 'Telecommunications',
'location': 'Sweden',
'name': 'Ericsson',
'type': 'Corporation'}],
'customer_advisories': 'Offering free identity protection services through '
'IDX, including credit and dark web monitoring, '
'identity theft recovery support, and up to $1 million '
'in identity fraud reimbursement. Eligible individuals '
'have until June 9, 2026, to register.',
'data_breach': {'personally_identifiable_information': ['Names',
'Addresses',
'Phone numbers',
'Social Security '
'numbers',
'Driver’s license '
'details',
'Credit card '
'information'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal data',
'Financial data',
'Medical data']},
'date_detected': '2025-04',
'description': 'Swedish telecommunications giant Ericsson has confirmed a '
'cyber incident in April 2025 that may have compromised '
'sensitive personal and financial data belonging to employees '
'and customers. The breach exposed names, addresses, phone '
'numbers, Social Security numbers, driver’s license details, '
'and in some cases, credit card information and medical data.',
'impact': {'data_compromised': 'Sensitive personal and financial data',
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'investigation_status': 'Ongoing',
'motivation': ['Espionage', 'Fraud'],
'post_incident_analysis': {'corrective_actions': 'Enhancing cybersecurity '
'protocols'},
'references': [{'source': 'California Attorney General’s office '
'notification'}],
'regulatory_compliance': {'regulatory_notifications': 'California Attorney '
'General’s office'},
'response': {'communication_strategy': 'Formal notification to the California '
'Attorney General’s office',
'incident_response_plan_activated': 'Yes',
'remediation_measures': 'Enhancing cybersecurity protocols',
'third_party_assistance': 'Cybersecurity experts'},
'threat_actor': 'State-sponsored threat actor',
'title': 'Ericsson Major Data Breach Impacting Employees and Customers',
'type': 'Data Breach'}