Ericsson Inc., the U.S. arm of Swedish telecom giant Ericsson, has disclosed a significant data breach stemming from a hack of one of its third-party service providers. The incident has raised questions across the networking industry, including among customers of Cradlepoint — a company Ericsson acquired in 2020 and operates under its Ericsson Enterprise Wireless Solutions umbrella.
Here is what we know, what remains unclear, and what you can do right now.
What Happened with the Ericsson Data Breach
A service provider storing personal data on behalf of Ericsson employees and customers discovered unauthorized access on April 28, 2025. The investigation, aided by external cybersecurity specialists and the FBI, was completed in February 2026 and confirmed that files were accessed or acquired without authorization between April 17 and April 22, 2025. Bleeping Computer
The compromised data reportedly included individuals’ names, addresses, Social Security numbers, driver’s license numbers, government-issued ID numbers, financial details, medical information, and dates of birth.
At least 4,377 individuals in Texas were confirmed affected, though the nationwide total is likely considerably higher.
Ericsson noted that the breached provider has found no evidence of data misuse so far. No cybercrime group has publicly claimed responsibility for the attack, which raises the possibility that a ransom may have been paid, or that the attackers have not yet connected the breach to Ericsson’s name.
Does This Affect Cradlepoint / NetCloud?
This is the question most relevant to our customers. Based on everything currently known, this breach appears to be limited to Ericsson Inc.’s U.S. corporate operations — employee and customer personal data stored by a third-party vendor — rather than Cradlepoint’s NetCloud platform or any network device infrastructure.
Cradlepoint’s NetCloud Manager is a separate product with its own infrastructure, and there is no indication at this time that router configurations, cellular credentials, or NetCloud accounts were part of the exposed data set. We will update this post if that changes.
That said, if you or your organization have directly interacted with Ericsson U.S. sales, support, or enterprise teams, your contact information could be among the files that were accessed.
This Is Not Cradlepoint’s First Third-Party Breach Notice
It is worth noting that this is not the first time Ericsson Enterprise Wireless Solutions customers have received breach-related communications. In late August 2025, Ericsson Enterprise Wireless Solutions notified customers of a separate incident involving a widespread security breach affecting users of Salesloft Drift, a CRM-integrated platform. In that case, unauthorized individuals accessed customer contact information, account data, and text from certain customer support cases.
Two third-party breach disclosures in less than a year is a pattern worth watching, particularly for businesses that rely on Cradlepoint for critical connectivity infrastructure.
What Ericsson Is Doing
Ericsson is offering complimentary identity protection services through IDX, including 12 or 24 months of credit monitoring, dark web monitoring, a $1 million identity fraud loss reimbursement policy, and fully managed identity theft recovery services. The enrollment deadline is June 9, 2026.
If you received a breach notification letter from Ericsson, enrolling in the IDX program is strongly recommended.
What You Should Do Now
Even if you did not receive a notification letter, proactive steps are always worthwhile when a major vendor in your supply chain is involved in a breach.
Review any accounts where you used the same credentials as Ericsson or Cradlepoint portals and change those passwords immediately. Enable multi-factor authentication on your NetCloud Manager account if you have not already done so. Monitor your credit reports at Equifax, Experian, and TransUnion for any unusual activity, and consider placing a fraud alert if your SSN may be involved.
For businesses managing fleets of Cradlepoint routers, audit your API keys and access credentials in NetCloud. Rotating credentials proactively after any vendor breach is good hygiene regardless of whether devices were directly affected.
5Gstore Take
We sell and support Cradlepoint products every day, and our customers trust these devices for mission-critical connectivity. While this breach does not appear to touch NetCloud or device infrastructure, the frequency of third-party incidents affecting Ericsson’s ecosystem is a reminder that supply chain security extends well beyond the hardware you rack and stack. Vendor relationships carry risk, and staying informed is part of operating a secure network.
If you have questions about your Cradlepoint deployment or need help reviewing your device security posture, contact the 5Gstore team — we are here to help.
FAQ
Was Cradlepoint NetCloud hacked in this breach? Based on current information, no. The breach involved a third-party vendor storing personal data for Ericsson U.S. employees and customers, not Cradlepoint’s NetCloud platform or router infrastructure.
What data was exposed in the Ericsson breach? Names, addresses, Social Security numbers, driver’s license numbers, government-issued ID numbers, financial details, medical information, and dates of birth were potentially exposed.
How do I know if I was affected? Ericsson is sending breach notification letters to affected individuals. If you received one, follow the instructions to enroll in IDX identity protection before June 9, 2026.
Should I change my NetCloud Manager password? Yes. Even as a precaution when any vendor in your ecosystem experiences a breach, rotating passwords and enabling MFA on your NetCloud account is a smart move.
Is this the same as the Cradlepoint Salesloft Drift breach in 2025? No. These are two separate incidents. The Salesloft Drift breach in August 2025 affected customer contact information stored in a CRM platform. This March 2026 disclosure involves a different third-party vendor and more sensitive personal and financial data.
