Government hackers breached telecom giant Ribbon for months before getting caught

U.S. telecommunications elephantine Ribbon has confirmed that government-backed hackers had entree to its web for astir a twelvemonth earlier getting caught, according to a nationalist filing.

The telco elephantine said successful a 10-Q disclosure past week with the U.S. Securities and Exchange Commission that a suspected “nation-state histrion had gained entree to the company’s IT network” arsenic aboriginal arsenic December 2024. Ribbon said it notified instrumentality enforcement and that it believes the hackers are nary longer successful its network.

The Texas-headquartered Ribbon provides phone, networking, and net services for companies, enterprises, and captious infrastructure organizations, specified arsenic vigor and proscription systems. The institution counts hundreds of companies as customers, including Fortune 500 firms and authorities agencies, specified arsenic the Department of Defense.

Reuters, which first reported quality of the breach, said 3 of Ribbon’s customers are known to beryllium affected, but the companies were not named.

It’s not wide if the hackers exfiltrated personally identifiable accusation belonging to immoderate individuals oregon different delicate information from its firm customers successful the breach, but the institution noted successful the filing that “several lawsuit files saved extracurricular of the main web connected 2 laptops bash look to person been accessed by the menace actor.” Ribbon said it notified the affected customers.

Ribbon is the latest successful a bid of telecommunication providers to person been hacked implicit the past 2 years, though the institution did not instantly accidental which authorities it believes is down the intrusions.

Catherine Berthier, a spokesperson for Ribbon, did not instrumentality TechCrunch’s petition for comment.

Chinese-backed hackers person antecedently targeted and compromised at slightest 200 U.S.-based companies, including telephone and net providers, successful an effort to bargain telephone records and calling information astir elder U.S. authorities officials. Several telcos, including AT&T, Verizon, and Lumen, were confirmed hacked arsenic portion of the campaign, on with cloud giants and datacenter providers. 

Some of the companies were located extracurricular of the United States, including Canada.

The hackers, known arsenic Salt Typhoon, are one of respective China-backed hacking groups said to beryllium targeting the U.S. and its allies arsenic portion of a multi-year effort to hole for a aboriginal anticipated Chinese penetration of Taiwan, according to U.S. authorities officials.