美国电信公司Ribbon Communications遭疑似中国关联的国家行为者网络攻击,入侵或始于2024年12月,在2025年9月被发现。攻击者访问了存储在两台笔记本电脑上的部分客户文件。公司已采取措施应对,并称目前未发现重大财务影响。调查仍在进行中。 2025-10-31 08:52:22 Author: securityaffairs.com(查看原文) 阅读量:12 收藏
Suspected Chinese actors compromise U.S. Telecom firm Ribbon Communications
A nation-state actor, likely a China-nexus one, hacked the U.S.-based technology company Ribbon Communications.
Ribbon Communications is a U.S.-based technology company that provides telecommunications and networking. Ribbon Communications employs approximately 3,052 people as of December 31, 2024. The company reported annual revenue of US $834 million in 2024.
The U.S. telecom provider disclosed a cyberattack likely by a China-nexus nation-state actor. The intrusion was discovered in September 2025, but it possibly dates back to December 2024. Threat actors gained access to some customer files stored on two laptops.
The company did not share any technical details about the intrusion.
“In early September 2025, the Company became aware that unauthorized persons, reportedly associated with a nation-state actor, had gained access to the Company’s IT network. The Company promptly initiated its incident response plan and began an investigation, containment and remediation effort using multiple third-party cybersecurity experts, including federal law enforcement. While the investigation is ongoing, the Company believes that it has been successful in terminating the unauthorized access by the threat actor.” reads the FORM 10-Q filed with the SECURITIES AND EXCHANGE COMMISSION (SEC).
“The Company has preliminarily determined that initial access by the threat actor may have occurred as early as December 2024, with final determinations dependent on completion of the ongoing investigation. As of the date of this quarterly report on Form 10-Q, we are not aware of evidence indicating that the threat actor accessed or exfiltrated any material information. Several customer files saved outside of the main network on two laptops do appear to have been accessed by the threat actor and those customers have been notified by the Company.”
Ribbon Communications stated that the cyber incident hasn’t materially affected its finances. The investigation is ongoing, and the company continues to enhance its network security. Ribbon expects additional costs but believes they will not be significant.
Over the years, cyber security firms and intelligence experts have blamed China for conducting advanced cyberespionage campaigns against telecoms in North America, and was likely behind a recent attack on security company F5.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)
如有侵权请联系:admin#unsafe.sh