Published in Security Week, click here to read the entire article.
Ribbon Communications, an American company that provides backbone technology for communication networks, has been targeted by hackers.
Ribbon provides communications and networking solutions that enable organizations to reliably run phone calls and data networks.
The firm says its solutions are used by service providers, enterprises and critical infrastructure organizations. Its website lists BT, Verizon, Deutsche Telekom, CenturyLink, TalkTalk, Softbank, and Tata as its customers, along with the US Department of Defense and the City of Los Angeles.
In a quarterly financial report submitted recently to the SEC, Ribbon said it discovered unauthorized access to its IT network in early September 2025.
An investigation showed that the hackers may have gained initial access as early as December 2024, but the probe is still ongoing.
Ribbon has not shared any technical details on the incident, but said a nation-state threat actor is believed to be behind the attack.
At the time of the quarterly report’s submission Ribbon had not found any evidence that the hackers accessed or exfiltrated material information, but the company admitted that “several customer files saved outside of the main network on two laptops do appear to have been accessed by the threat actor”.
Impacted customers have been notified. While the company expects to incur some costs as a result of its investigation into the cybersecurity incident, it does not expect the hack to have a material impact.