Ericsson Inc. says attackers stole employee and customer data after a breach at a third-party service provider, with unauthorized access occurring between April 17 and April 22, 2025. Investigators found exposed personal information including Social Security, driver’s license, financial and medical data, and Ericsson is offering free IDX identity protection while no threat actor has claimed responsibility. #Ericsson #IDX
Keypoints
- A service provider storing personal data for Ericsson’s U.S. unit detected a breach on April 28, 2025.
- Unauthorized access occurred between April 17–22, 2025 and impacted an undisclosed number of individuals.
- Exposed information includes names, addresses, Social Security and government ID numbers, financial and medical data, and dates of birth.
- Ericsson filed notifications with state attorneys general and is offering free IDX identity protection and monitoring to affected people.
- No cybercrime group has claimed responsibility, leaving ransom payment or misattribution as possible explanations.