ANAVEM
FR
Telecommunications server room with network equipment under red warning lights
MediumData Breaches

Ericsson US Hit by Data Breach Through Service Provider

Ericsson's U.S. subsidiary disclosed a data breach on March 9, 2026, after attackers compromised a third-party service provider and stole employee and customer data.

Emanuel DE ALMEIDA 9 Mar 2026, 20:07 2 min read 19 views 0 Comments

Last updated 9 Mar 2026, 23:18

Key Takeaways

  • Threat: Third-party service provider compromise led to data theft
  • Impact: Employee and customer data stolen, exact number undisclosed
  • Victim: Ericsson Inc., U.S. subsidiary of Swedish telecom giant
  • Timeline: Breach disclosed March 9, 2026

Ericsson US Confirms Third-Party Breach

Ericsson Inc., the American arm of Swedish telecommunications equipment maker Ericsson, disclosed today that attackers breached one of its service providers and accessed sensitive data. The company announced the incident on March 9, 2026, confirming that the breach originated from a compromised third-party vendor rather than Ericsson's own systems.

The attackers successfully infiltrated the service provider's infrastructure and extracted data belonging to both Ericsson employees and customers. Ericsson hasn't specified which service provider was compromised or provided details about the attack method used.

Employee and Customer Data Compromised

The breach impacted an undisclosed number of Ericsson employees and customers, though the company hasn't released specific figures. Ericsson operates as a major supplier of telecommunications infrastructure and services to carriers across the United States.

The stolen data's exact nature remains unclear, as Ericsson hasn't detailed what types of information the attackers accessed. The company serves numerous telecommunications providers and enterprise customers throughout the U.S. market.

Supply Chain Attack Highlights Vendor Risk

This incident represents another supply chain attack where cybercriminals targeted a less-secured third-party provider to reach their ultimate target. The breach demonstrates the ongoing challenge companies face in securing their extended vendor ecosystems.

Ericsson hasn't announced specific remediation steps or indicated whether law enforcement agencies are investigating the incident. The company also hasn't provided a timeline for when the breach occurred or how long attackers maintained access to the compromised systems.

Frequently Asked Questions

What happened in the Ericsson data breach?
Attackers compromised one of Ericsson's third-party service providers and stole employee and customer data from the U.S. subsidiary.
How many people were affected by the Ericsson breach?
Ericsson hasn't disclosed the exact number of affected employees and customers in the March 2026 breach.
Was Ericsson's own systems hacked directly?
No, the breach occurred through a compromised third-party service provider, not Ericsson's internal systems.
#ericsson#data-breach#supply-chain

About the Author

Emanuel DE ALMEIDA

Emanuel DE ALMEIDA

Senior IT Journalist & Cloud Architect

Microsoft MCSA-certified Cloud Architect | Fortinet-focused. I modernize cloud, hybrid & on-prem infrastructure for reliability, security, performance and cost control - sharing field-tested ops & troubleshooting.

Discussion

Share your thoughts and insights

You must be logged in to comment.

Log in
Loading comments...

Related Tutorials

Learn more about this topic with our step-by-step guides

How to Check if Your PC Has the New Secure Boot 2023 Certificates (Windows UEFI CA 2023)
Intermediate
Cybersecurity

How to Check if Your PC Has the New Secure Boot 2023 Certificates (Windows UEFI CA 2023)

Microsoft's three original Secure Boot certificates (issued in 2011) begin expiring in June 2026. Windows is automatically rolling out the replacement 2023 certificates (Windows UEFI CA 2023, Microsoft UEFI CA 2023, KEK 2K CA 2023) via Windows Update. This guide shows you exactly how to check if your Windows 10 or 11 PC has already received the new certificates — using one PowerShell command.

8 steps
IT administrator configuring USB blocking policies in Microsoft Intune admin center
Intermediate
Cybersecurity

How to Block USB Drives Using Microsoft Intune Attack Surface Reduction Policies

Configure Microsoft Intune Attack Surface Reduction policies to prevent USB drive access on Windows 10/11 devices, protecting against data breaches and malware threats through removable storage restrictions.

10 steps
IT administrator configuring Windows LAPS with Microsoft Intune on multiple monitors
Intermediate
Cybersecurity

How to Set Up Windows LAPS with Microsoft Intune for Enhanced Security

Configure Windows Local Administrator Password Solution (LAPS) with Microsoft Intune to automatically manage and secure local administrator passwords across Windows devices in your organization.

6 steps
All Tutorials

Related Intelligence

Enterprise network switch with security warning in server room
Critical
Vulnerabilities

HPE Patches Five Critical AOS-CX Flaws: RCE, Privilege Escalation and Session Hijacking

Mar 10, 06:30 PM2 min
Corrupted ZIP files with malicious code emerging on computer screen
Medium
Malware

Zombie ZIP: How Malformed Archives Let Malware Slip Past Antivirus and EDR Tools

Mar 10, 09:05 PM5 min
BeatBanker Android Banking Malware 2026: Fake Starlink App Steals Banking Credentials
High
Malware

BeatBanker Android Banking Malware 2026: Fake Starlink App Steals Banking Credentials

Mar 10, 10:27 PM2 min
Cybersecurity threat visualization showing compromised network infrastructure with warning indicators
High
Malware

BlackSanta EDR Killer: Russian Hackers Use HR Departments to Disable Enterprise Security Tools

Mar 10, 11:57 PM2 min