A data breach notification filed with the California Attorney General said a service provider storing personal data discovered a breach on April 28, 2025 that exposed data for an undisclosed number of Ericsson Inc. employees and customers.
KEY FACTS
- Incident Data theft after a service provider was hacked
- Discovery Provider detected breach on April 28, 2025
- Impact 4,377 affected in Texas alone
- Response Free identity protection and $1 million reimbursement offer for affected people
The service provider that stored employee and customer files notified the FBI and retained external cybersecurity experts to investigate. The provider determined a limited subset of files may have been accessed without authorization between April 17, 2025 and April 22, 2025.
The investigation completed on February 23, 2026 and identified that some affected files contained personal information. The disclosure said the provider has not found evidence that the data has been misused since the breach.
Exposed information included names, addresses, Social Security Numbers, driver’s license and other government ID numbers, financial information, medical information, and dates of birth. The breach notification did not provide a companywide total for affected individuals.
Ericsson is offering free IDX identity protection services to affected people who enroll by June 9, 2026. The services include credit monitoring, dark web monitoring, identity theft recovery, and a $1 million identity fraud loss reimbursement policy.
WHY IT MATTERS
The incident highlights risks when third party providers hold sensitive employee and customer data and shows the potential for widespread exposure of identity and financial information. Affected people have been offered monitoring and reimbursement to reduce potential harm.