Ericsson Inc. Data Breach

On March 9, 2026, Ericsson Inc. (“Ericsson”), the U.S. subsidiary of multinational telecommunications company TELEFONAKTIEBOLAGET LM ERICSSON, submitted notice of a data security incident involving one of its third‑party service providers. According to the regulatory filing, the service provider experienced a vishing‑related security breach that resulted in unauthorized access to certain data belonging to individuals associated with Ericsson.

The service provider detected suspicious activity on April 28, 2025, and quickly engaged cybersecurity specialists, notified the FBI, initiated a forced password reset, and launched a forensic investigation. The investigation revealed that a limited amount of information may have been accessed or acquired by an unauthorized actor between April 17, 2025 and April 22, 2025.

Ericsson is a Swedish multinational networking and telecommunications company, founded in 1876, that provides infrastructure, software, and services for mobile/fixed network operators. A leader in 5G, over 40% of the world’s mobile traffic passes through their network equipment. 

On November 10, 2025, the service provider informed Ericsson that data associated with Ericsson was impacted. Ericsson and the provider then worked to confirm affected individuals and addresses, completing the review on February 23, 2026. Ericsson states that neither it nor the service provider has evidence of misuse of the affected information.

If you received a Data Breach Notification Letter from Ericsson, it confirms that some of your personal information may have been accessed without authorization.

What information is involved in the Bell Ambulance Data Breach?

Compromised information may include:

Ericsson holds personal data of employees, customers, and other associated parties, which it sometimes shares with service providers. Compromised PII such as names and Social Security numbers can expose individuals to identity theft, financial fraud, tax fraud, and other forms of misuse.

Your Personally Identifiable Information (PII) includes details that can uniquely identify you. When compromised, this information can be used by cybercriminals to commit identity theft, fraud, or other misuse.

Protected Health Information (PHI) involves medical‑related data and is strictly regulated under federal and state law. PHI can be combined with other PII to commit medical identity theft, a type of fraud that can be extremely difficult to detect and resolve.

Ericsson has arranged for impacted individuals to receive 12 months of complimentary identity protection and credit monitoring services through IDX, including fraud reimbursement coverage and fully managed identity theft recovery services.

Individuals are encouraged to remain vigilant by monitoring financial account activity, reviewing credit reports, and watching for signs of identity misuse.

If your data is exposed, criminals may use it to open fraudulent accounts, file false tax returns, access medical services under your name, or commit other forms of fraud. Prompt enrollment in identity monitoring services is strongly recommended.

Residents of California also have enhanced privacy rights under the California Consumer Privacy Act (CCPA) and additional protections under the Confidentiality of Medical Information Act (CMIA).

If you received a NOTICE OF DATA BREACH letter from Ericsson Inc., your personal information may be at risk and could be misused for identity theft or fraud.

Contact the Data Breach Attorneys at Emery | Reddy today for a Free Case Review.