A major US telecommunications supplier Ribbon Communications has been compromised by nation-state hackers who infiltrated its network and remained undetected for nearly nine months.
Ribbon provides networking software and equipment to major clients including Verizon, CenturyLink, and the US Department of Defense.
According to a US Securities and Exchange Commission (SEC) filing dated October 23, the company discovered the breach in early September. The attackers reportedly gained unauthorized access to Ribbon’s IT network in December 2023, exfiltrating files belonging to three of its customers before being detected.
“While the investigation is ongoing, the Company believes that it has been successful in terminating the unauthorized access by the threat actor,” the company said, noting that it has not found evidence that the attackers accessed any “material information.”
According to the firm, the intrusion impacted “several customer files saved outside of the main network on two laptops.” Ribbon confirmed that the affected customers, described only as “smaller clients,” have been notified.
“The Company’s investigation into this incident is ongoing and the Company continues to take additional steps to further strengthen its network security,” Ribbon said.