Between April 17–22, 2025, an unknown threat actor accessed files at an unnamed third-party service provider used by Ericsson Inc. (US operations). The investigation concluded in February 2026, and Ericsson notified approximately 15,000 affected individuals in March 2026. A filing with the Texas AG on March 9, 2026 indicated 4,377 Texas residents were impacted. Exposed data included names, addresses, Social Security numbers, driver’s license numbers, passport numbers, state ID numbers, and financial account/card numbers. No cybercrime group has claimed responsibility. Ericsson offered 12 months of identity protection via IDX to affected individuals.