The cyber world just got louder, a stealthy nation-state breach hit U.S. telecom player Ribbon Communications, while a separate jaw-dropping 4TB data exposure at Ernst & Young (EY) reminded everyone that even the big dogs can slip. Two different incidents, one hard truth: in 2025, no one’s safe, not even the ones writing the rules.
Texas-based Ribbon Communications, a backbone provider for global voice and data exchange, confirmed hackers “reportedly associated with a nation-state actor”remained undetected for nearly a year, since December 2024. The revelation came through its October 23 SEC filing, stating that intrusions date back to December 2024.
No evidence of theft of material information, per company statement, the attackers did access “several customer files” from two laptops outside the main network, four old files, to be precise. Ribbon said only three smaller customers were affected, and no government clients appear compromised.
The breach, first reported by Reuters, highlights a growing pattern of telecom supply-chain espionage. Analysts note similarities to recent China-linked campaigns (e.g., Salt Typhoon), though no attribution has been confirmed. “These are not smash-and-grab hacks, they’re about persistence and intelligence,” noted Pete Renals of Unit 42, warning that such actors often aim to embed themselves deep inside networks tied to critical infrastructure.
Ribbon’s high-profile client list, BT, Verizon, Deutsche Telekom, SoftBank, Tata, and even the U.S. Defense Department, makes the attack’s potential impact huge.FBI and CISA are reportedly aware, but investigation details remain undisclosed amid the U.S. government shutdown
Meanwhile in the cloud…
At the same time, cybersecurity firm Neo Security stumbled upon something equally chilling, a 4-terabyte SQL Server backup file sitting publicly exposed online, belonging to EY (Ernst & Young). The file, found on an Azure storage bucket, contained approximately 4 TB of data, a size researchers compared to the British Library’s digital collection.
The exposure was discovered accidentally during a routine web scan by a Neo Security researcher, a researcher spotted a “Content-Length: 4TB” header while scanning the web. Upon inspection, it turned out to be a live, unencrypted database backup, not a test file. The exposure could have revealed sensitive corporate data, financial records, and internal credentials if left unchecked.
Thankfully, EY’s response was textbook-perfect. The firm’s CSIRT team reacted immediately after responsible disclosure and fixed the issue within a week. No drama, no denial, just a solid incident response.
Takeaway:
Two very different crises, one clear message: visibility is everything. Whether it’s nation-state operatives burrowing into telecom infrastructure or a misconfigured cloud bucket spilling secrets, the line between safety and disaster is thinner than ever.
Because in today’s hyper-connected world, hackers don’t wait, and your “oops” moment is their open door.
Caught feelings for cybersecurity? It’s okay, it happens. Follow us on LinkedIn and Instagram to keep the spark alive.
