Ribbon Communications, an American company that provides backbone technology for communication networks, has been targeted by hackers.
Ribbon provides communications and networking solutions that enable organizations to reliably run phone calls and data networks.
The firm says its solutions are used by service providers, enterprises and critical infrastructure organizations. Its website lists BT, Verizon, Deutsche Telekom, CenturyLink, TalkTalk, Softbank, and Tata as its customers, along with the US Department of Defense and the City of Los Angeles.
In a quarterly financial report submitted recently to the SEC, Ribbon said it discovered unauthorized access to its IT network in early September 2025.
An investigation showed that the hackers may have gained initial access as early as December 2024, but the probe is still ongoing.
Ribbon has not shared any technical details on the incident, but said a nation-state threat actor is believed to be behind the attack.
At the time of the quarterly report’s submission Ribbon had not found any evidence that the hackers accessed or exfiltrated material information, but the company admitted that “several customer files saved outside of the main network on two laptops do appear to have been accessed by the threat actor”.
Impacted customers have been notified. While the company expects to incur some costs as a result of its investigation into the cybersecurity incident, it does not expect the hack to have a material impact.
While it’s unclear who was behind the Ribbon intrusion, the attack profile points to China as a likely suspect.
China has been known to conduct sophisticated cyberespionage campaigns targeting telecommunications companies in North America and elsewhere.
Chinese cyberspies are also believed to be behind the recently discovered attack targeting security and application delivery solutions provider F5.
Related: North Korean Hackers Aim at European Drone Companies
Related: Chinese Hackers Breached Law Firm Williams & Connolly via Zero-Day
Related: Security Firm Exposes Role of Beijing Research Institute in China’s Cyber Operations
