Sweden-based telecommunications giant Ericsson, which has a significant business presence in the United States, has disclosed that some of its employee and customer data may have been compromised during a cyber incident that occurred in April 2025. The company recently revealed the details in an official statement after submitting a formal data breach notification to the California Attorney General’s office.
According to the company, the breach may have exposed a range of sensitive personal and financial information belonging to certain employees and customers. The potentially compromised data includes names, residential addresses, phone numbers, and highly sensitive identifiers such as Social Security numbers and driver’s license numbers. In addition, the incident may have also involved the unauthorized access of financial information, including credit card and debit card details. In some cases, the attackers may have gained access to medical-related information connected to individuals associated with the company.
Ericsson stated that the breach was likely carried out by cybercriminals linked to a state-sponsored threat actor. While the company has not publicly named the group believed to be responsible, such attacks are typically associated with highly organized hacking groups that are often backed or supported by nation-states. These groups generally target large corporations or critical infrastructure to obtain sensitive data that could later be used for espionage, fraud, or other malicious activities.
Following the discovery of the breach, Ericsson launched an internal investigation with the help of cybersecurity experts to determine the scope of the incident and to strengthen its security systems. The company also began notifying potentially affected individuals as required under U.S. data protection and breach disclosure laws.
To assist those who may have been impacted, Ericsson is offering affected individuals free identity protection services through IDX, a well-known identity security provider. The services include credit monitoring to detect suspicious financial activity, dark web monitoring to identify whether stolen personal information is being traded or misused online, and professional identity theft recovery support in case victims experience fraud or identity-related crimes.
Individuals who believe they may have been affected are encouraged to register for these protection services before June 9, 2026. In addition to the monitoring services, Ericsson is also providing eligible individuals with an identity fraud reimbursement policy of up to $1 million. This coverage is intended to help victims recover financial losses and cover certain expenses related to identity theft or fraud resulting from the breach.
The company has emphasized that it remains committed to protecting user data and is continuing to enhance its cybersecurity measures to prevent similar incidents in the future.
Join our LinkedIn group Information Security Community!
