Ericsson Vendor Breach Exposes Personal Data of Over 15,000 Individuals
On 28 April 2025, Ericsson disclosed a security incident involving a third-party vendor, which detected a suspicious event potentially linked to unauthorized access to data on its systems. The breach did not affect Ericsson’s internal infrastructure but occurred at a vendor handling sensitive information.
An investigation revealed that an unauthorized party may have accessed a limited set of files between 17–22 April 2025, with the probe concluding on 23 February 2026. While the vendor reported no evidence of data misuse, regulatory filings confirmed that personal information of over 15,000 individuals was exposed.
Ericsson promptly notified US regulators and implemented enhanced security measures to mitigate future risks. The incident underscores the growing threat to telecom providers, which handle vast amounts of sensitive data, making them prime targets for cybercriminals. Industry experts, including James Neilson, SVP of Global at OPSWAT, noted that such breaches highlight the need for robust vendor security protocols in high-risk sectors.
Source: https://cybermagazine.com/news/ericsson-data-breach
Ericsson cybersecurity rating report: https://www.rankiteo.com/company/ericsson
"id": "ERI1773189089",
"linkid": "ericsson",
"type": "Breach",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '15,000+',
'industry': 'Telecommunications',
'name': 'Ericsson',
'type': 'Telecommunications company'}],
'attack_vector': 'Third-party vendor compromise',
'data_breach': {'number_of_records_exposed': '15,000+',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Personal information'},
'date_detected': '2025-04-28',
'date_publicly_disclosed': '2025-04-28',
'date_resolved': '2026-02-23',
'description': 'Ericsson disclosed a security incident involving a '
'third-party vendor, which detected a suspicious event '
'potentially linked to unauthorized access to data on its '
'systems. The breach did not affect Ericsson’s internal '
'infrastructure but occurred at a vendor handling sensitive '
'information. An investigation revealed that an unauthorized '
'party may have accessed a limited set of files between 17–22 '
'April 2025, with the probe concluding on 23 February 2026. '
'While the vendor reported no evidence of data misuse, '
'regulatory filings confirmed that personal information of '
'over 15,000 individuals was exposed.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'third-party breach',
'data_compromised': 'Personal information of over 15,000 '
'individuals',
'identity_theft_risk': 'High',
'systems_affected': 'Vendor systems'},
'investigation_status': 'Concluded',
'lessons_learned': 'The incident underscores the growing threat to telecom '
'providers and the need for robust vendor security '
'protocols in high-risk sectors.',
'post_incident_analysis': {'corrective_actions': 'Enhanced security measures',
'root_causes': 'Third-party vendor compromise'},
'recommendations': 'Implement stronger vendor security protocols and '
'continuous monitoring of third-party systems.',
'references': [{'source': 'Industry expert (James Neilson, SVP of Global at '
'OPSWAT)'}],
'regulatory_compliance': {'regulatory_notifications': 'US regulators'},
'response': {'communication_strategy': 'Regulatory notifications and public '
'disclosure',
'incident_response_plan_activated': 'Yes',
'remediation_measures': 'Enhanced security measures'},
'title': 'Ericsson Vendor Breach Exposes Personal Data of Over 15,000 '
'Individuals',
'type': 'Data Breach'}