Ericsson’s U.S. operations have notified employees and customers that their personal information was stolen, not from the telecom giant directly, but from one of its external partners. The breach, discovered in early 2025, exposed names and Social Security numbers, prompting the company to offer identity protection services. This event underscores a persistent and expensive problem: a company's defenses are only as strong as its weakest vendor. Recent history is littered with examples, from the MOVEit file-transfer attacks to the SolarWinds campaign. A 2024 SecurityScorecard report noted that third-party vectors were involved in nearly 29% of all breaches, a number that continues to grow. For a company like Ericsson, which provides core network technology to major carriers, the implications are serious. While there's no sign that carrier networks like T-Mobile or AT&T were impacted, the theft of sensitive data from its systems raises alarms. This incident follows a year of heightened attacks on telecom infrastructure, including the 2024 Salt Typhoon campaign attributed to Chinese state-sponsored hackers. Ericsson has stated it is investigating with the vendor and law enforcement. The identity of the compromised partner, however, remains undisclosed, a common practice that leaves other companies in the dark about their own potential risks. The response from regulators, including a more assertive Federal Communications Commission, will be telling. So too will any changes Ericsson makes to its vendor contracts and oversight. Annual compliance audits are proving insufficient; continuous monitoring is becoming a necessity. For the individuals affected, the offer of credit monitoring is a temporary salve for a permanent problem: their data is now in the wild. For the industry, Ericsson’s breach is a fresh reminder that the next major security failure will likely come from a familiar, and often overlooked, direction.

Source: Webpronews