Ericsson Inc., the US branch of Swedish telecommunications giant Ericsson, has revealed a data breach that put private financial and personal information of 15,661 employees and customers at risk This article explores public breach ericsson. . The problem didn't happen because Ericsson's internal infrastructure was compromised; it happened because a third-party service provider that was responsible for processing and storing sensitive data about Ericsson's U.S. operations had a security breach.

Vishing Attack Allowed Unwanted Access Regulatory filings sent to U.S. authorities show that the breach was caused by a cyberattack that was aimed at the external vendor.

Through a "vishing" (voice phishing) attack, which is a type of social engineering where attackers pretend to be trusted people over the phone to get employees to give them their login information or let them into the system, threat actors were able to get into the vendor's systems. The attackers were able to get into the vendor's systems and access files between April 17 and April 22, 2025, thanks to this method. The service provider didn't notice the unauthorized activity for a few days, but they did notice something strange on April 28, 2025.

After the discovery, the vendor started an internal investigation and hired outside cybersecurity experts to find out how big the breach was and what kinds of data may have been exposed.

Even though the vendor found the breach early, Ericsson didn't officially find out about it until November 10, 2025. For several months, a thorough forensic investigation and data review process went on to find out who was affected and what information was made public. The study ended on February 23, 2026.

Personal and financial information that is sensitive was made public. The breach revealed a lot of very private information about Ericsson employees and customers.

Data that has been compromised may include: Full names, addresses where they live, and dates of birth Numbers for Social Security (SSNs) and driver's licenses Passports and state IDs are examples of government-issued IDs. Financial data, like credit or debit card numbers and bank account numbers Some medical or health-related information Even though the attackers got this information, there is no proof that the stolen data has been used in a bad way or made public. After the breach was found, both Ericsson and the service provider that was affected took steps to limit the damage and improve security.

Important actions to take in response are: Law enforcement notification: The vendor told the Federal Bureau of Investigation (FBI) about the incident so they could help find and keep an eye on the attackers.

To lower the risk of social engineering attacks, the vendor made password resets mandatory, made system security controls stronger, and expanded cybersecurity awareness training. Identity protection services: Ericsson is giving people who were affected free identity protection services through IDX. These services include monitoring your credit, the dark web, and identity theft insurance that covers up to $1 million.

People who are affected must sign up by June 9, 2026. The event shows how supply chain and third-party vendor relationships are becoming more and more dangerous. Even when big companies have strong security measures in place, hackers can still go after outside partners who may not have as strong security.