Nation-State Hackers Breach Ribbon Communications’ Network, Company Confirms

Ribbon Communications said that it experienced a significant cyber security incident involving unauthorised access to its internal network, resulting in the compromise of certain customer information.

 

Based in Plano, Texas, Ribbon Communications delivers networking and secure cloud communication solutions to telecom and critical infrastructure clients globally.

 

In a filing with the United States Security and Exchange Commission (SEC), Ribbon said that in early September, the company detected suspicious activity within its internal network. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident. 

 

Ribbon also reported the incident to relevant law enforcement authorities and collaborated with them to resolve the matter at the earliest.

 

The investigation determined that the cyber criminals infiltrating the company’s network were “reportedly associated with a nation-state actor. While the investigation is ongoing, the Company believes that it has been successful in terminating the unauthorised access by the threat actor.”

 

“The Company has preliminarily determined that initial access by the threat actor may have occurred as early as December 2024, with final determinations dependent on completion of the ongoing investigation.

 

“We are not aware of evidence indicating that the threat actor accessed or exfiltrated any material information.  Several customer files saved outside of the main network on two laptops do appear to have been accessed by the threat actor and those customers have been notified by the Company,” Ribbon said.

 

The company stated that it does not believe the incident has had a material impact on its financial condition or operating results. The investigation remains ongoing, and Ribbon continues to implement additional measures to enhance its network security. 

 

Furthermore, it expects to incur some expenses in the fourth quarter of 2025 related to the investigation and security improvements, but these costs are not expected to be material.

 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on Ribbon. The company also did not share details on who was behind the attack, how much data was compromised, or whether it has received a ransom demand.