Ribbon Communications hit by network compromise
Incident
Summary
Hide ▲
Show ▼
Ribbon Communications disclosed an unauthorized access incident against its IT network, creating risk around internal systems and customer files. The intrusion was discovered in early September 2025, and investigators said initial access may have started as early as December 2024. The company notified impacted customers and said it does not expect a material impact.
Related Happenings
West Pharmaceutical Services Inc. hit by data theft breach
Incident
First: 14.05.2026 01:23
Last: 14.05.2026 01:23
Sources 1
About this happening:
West Pharmaceutical Services disclosed a **cyberattack** that **exfiltrated data** and **encrypted systems**, disrupting **global operations** and increasing recovery risk. The co...
West Pharmaceutical Services Inc. hit by data theft breach
IncidentAbout this happening: West Pharmaceutical Services disclosed a **cyberattack** that **exfiltrated data** and **encrypted systems**, disrupting **global operations** and increasing recovery risk. The co...
UFP Technologies hit by network compromise
Incident
First: 26.02.2026 01:02
Last: 26.02.2026 01:02
Sources 1
About this happening:
UFP Technologies **disclosed a cybersecurity incident** that affected **many but not all IT systems**, disrupting **billing** and **label making for customer deliveries**. The com...
UFP Technologies hit by network compromise
IncidentAbout this happening: UFP Technologies **disclosed a cybersecurity incident** that affected **many but not all IT systems**, disrupting **billing** and **label making for customer deliveries**. The com...
Optimizely hit by network compromise
Incident
First: 23.02.2026 20:04
Last: 23.02.2026 20:04
Sources 1
About this happening:
**Optimizely** confirmed a **voice-phishing breach** that exposed **basic business contact information**, creating a limited but real follow-on phishing risk. The intrusion touche...
Optimizely hit by network compromise
IncidentAbout this happening: **Optimizely** confirmed a **voice-phishing breach** that exposed **basic business contact information**, creating a limited but real follow-on phishing risk. The intrusion touche...
Russian GRU critical infrastructure edge-device targeting campaign
Campaign
First: 16.12.2025 14:15
Last: 16.12.2025 14:15
Sources 1
About this happening:
A Russian GRU-linked campaign targeted Western critical infrastructure and shifted in 2025 from exploiting vulnerabilities in products such as WatchGuard, Confluence, and Veeam to...
Russian GRU critical infrastructure edge-device targeting campaign
CampaignAbout this happening: A Russian GRU-linked campaign targeted Western critical infrastructure and shifted in 2025 from exploiting vulnerabilities in products such as WatchGuard, Confluence, and Veeam to...
Latest development: 16.12.2025 22:13
The operation initially relied on **WatchGuard**, **Confluence**, and **Veeam** vulnerabilities for initial access, combining zero-days and known flaws. That foothold phase later gave way to targeting **misconfigured edge devices** with exposed management interfaces.
NCSC Share and Defend blocks nearly one billion scam site attempts via ISP DNS filters
Security Tool/Service
First: 03.12.2025 18:08
Last: 03.12.2025 18:08
Sources 1
About this happening:
The **NCSC Share and Defend** service has blocked **almost one billion** scam website access attempts in **less than a year**, showing large-scale disruption of malicious site rea...
NCSC Share and Defend blocks nearly one billion scam site attempts via ISP DNS filters
Security Tool/ServiceAbout this happening: The **NCSC Share and Defend** service has blocked **almost one billion** scam website access attempts in **less than a year**, showing large-scale disruption of malicious site rea...
Timeline
-
30.10.2025 14:36 1 articles · 6mo ago
Ribbon Communications discloses unauthorized access to its IT network
Initial DisclosureRibbon Communications disclosed in a quarterly SEC filing that it discovered unauthorized access to its IT network in early September 2025. Investigators said initial access may have started as early as December 2024, and Ribbon believes a nation-state threat actor was involved. The company said several customer files saved outside the main network on two laptops appear to have been accessed, notified impacted customers, and did not expect the incident to have a material impact.
Show sources
- Major US Telecom Backbone Firm Hacked by Nation-State Actors — www.securityweek.com — 30.10.2025 14:36
-
23.10.2025 03:00 2 articles · 7mo ago
Ribbon discloses nation-state breach of its IT network
Initial DisclosureRibbon Communications said unauthorized persons reportedly associated with a nation-state actor gained access to its IT network, with preliminary findings indicating initial access may have occurred as early as December 2024. The company became aware of the activity in early September 2025, disclosed the matter in an SEC filing on October 23, 2025, and said attackers accessed files belonging to several customers stored on two laptops outside Ribbon's main network while it works with third-party cybersecurity experts and federal law enforcement and has not found evidence that any material information was stolen.
Show sources
- Major telecom services provider Ribbon breached by state hackers — www.bleepingcomputer.com — 30.10.2025 21:03
- Ribbon Communications Breach Marks Latest Telecom Attack — www.darkreading.com — 31.10.2025 21:47