- Ribbon Communications suffered a cyberattack, seemingly by a state actor concentrating on company recordsdata
- Four older consumer recordsdata have been accessed from laptops; Affected prospects have been notified.
- The investigation continues; Unauthorized entry has been terminated and the influence is taken into account non-material.
Ribbon Communications has confirmed that it suffered a cyber assault through which it misplaced confidential consumer paperwork.
In a brand new 10-Q filed with the U.S. Securities and Exchange Commission (SEC), the corporate mentioned it grew to become conscious of the assault in early September 2025. Subsequent investigation decided that the assault was almost definitely carried out by a nation-state actor, with the objective of stealing company recordsdata.
Ribbon is a serious supplier of telecommunications software program and companies, with prospects corresponding to Verizon, CenturyLink, and the US Department of Defense, but in addition “smaller customers,” three of which have been affected by this intrusion.
The “smaller prospects” affected
The firm declined to call the victims because the investigation is at the moment ongoing, however added that “a total of four older files” have been accessed.
“The firm has preliminarily decided that preliminary entry by the menace actor could have occurred as early as December 2024, and remaining determinations are depending on the completion of the continued investigation,” the doc reads.
“As of the date of this quarterly report on Form 10-Q, we aren’t conscious of any proof indicating that the menace actor accessed or exfiltrated materials data. Several buyer recordsdata saved exterior of the primary community on two laptop computer computer systems seem to have been accessed by the menace actor and the corporate has notified these prospects.”
Ribbon didn’t talk about the id of the attackers or the nation-state behind them. He confused that the assault almost definitely won’t have a cloth influence regardless of the extra prices associated to investigation and community strengthening efforts.
In the submitting, Ribbon additionally mentioned it employed a number of exterior cybersecurity consultants to help with the investigation and forensics, and in addition notified related legislation enforcement businesses.
“While the investigation is ongoing, the corporate believes it has efficiently terminated unauthorized entry by the menace actor,” he concluded.
Through The Registry