Government Hackers Breached Telecom Giant Ribbon For Months Before Getting Caught

U.S. telecommunications elephantine Ribbon has confirmed that government-backed hackers had entree to its web for almost a twelvemonth earlier getting caught, according to a nationalist filing.

The telco elephantine said successful a 10-Q disclosure past week pinch nan U.S. Securities and Exchange Commission that a suspected “nation-state character had gained entree to nan company’s IT network” arsenic early arsenic December 2024. Ribbon said it notified rule enforcement and that it believes nan hackers are nary longer successful its network.

The Texas-headquartered Ribbon provides phone, networking, and net services for companies, enterprises, and captious infrastructure organizations, specified arsenic power and proscription systems. The institution counts hundreds of companies as customers, including Fortune 500 firms and authorities agencies, specified arsenic nan Department of Defense.

Reuters, which first reported news of nan breach, said 3 of Ribbon’s customers are known to beryllium affected, but nan companies were not named.

It’s not clear if nan hackers exfiltrated personally identifiable accusation belonging to immoderate individuals aliases different delicate information from its firm customers successful nan breach, but nan institution noted successful nan filing that “several customer files saved extracurricular of nan main web connected 2 laptops do look to person been accessed by nan threat actor.” Ribbon said it notified nan affected customers.

Ribbon is nan latest successful a bid of telecommunication providers to person been hacked complete nan past 2 years, though nan institution did not instantly opportunity which authorities it believes is down nan intrusions.

Catherine Berthier, a spokesperson for Ribbon, did not return TechCrunch’s petition for comment.

Chinese-backed hackers person antecedently targeted and compromised at slightest 200 U.S.-based companies, including telephone and net providers, successful an effort to bargain telephone records and calling information astir elder U.S. authorities officials. Several telcos, including AT&T, Verizon, and Lumen, were confirmed hacked arsenic portion of nan campaign, on pinch cloud giants and datacenter providers. 

Some of nan companies were located extracurricular of nan United States, including Canada.

The hackers, known arsenic Salt Typhoon, are one of respective China-backed hacking groups said to beryllium targeting nan U.S. and its friends arsenic portion of a multi-year effort to hole for a early anticipated Chinese penetration of Taiwan, according to U.S. authorities officials.