The US subsidiary of global telecommunications equipment and services giant Ericsson has disclosed a data breach affecting the personal information of thousands of individuals.
Ericsson said the breach occurred at a third-party service provider that detected unauthorized access to data on its systems in April 2025.
The unnamed service provider conducted an investigation and determined that files storing personal information may have been accessed between April 17 and 22, 2025.
The investigation into the incident was only completed in February 2026.
In a notice with the Maine Attorney General’s Office, Ericsson said the data breach impacts roughly 15,000 individuals.
“Please note that our service provider has represented to us that they have no evidence of the misuse of any potentially impacted information since the time of the incident,” Ericsson said.
However, “no evidence of misuse” is a standard disclaimer frequently issued by breached organizations, even in cases where stolen data is confirmed to have been publicly leaked.
Ericsson said it shares both employee and customer data with third-party service providers, but it has not specified which category is affected by this incident.
Related: Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign
Related: New LexisNexis Data Breach Confirmed After Hackers Leak Files
Related: 1.2 Million Affected by University of Hawaii Cancer Center Data Breach
