After nearly a week of disrupted services, Wisconsin-based telecommunications provider Cellcom has officially confirmed that a cyberattack is responsible for the ongoing service outage affecting thousands of customers across its network.
The incident, which began on Wednesday, May 14, has primarily impacted voice and SMS capabilities, leaving many subscribers unable to make calls or send text messages.
According to Cellcom CEO Brighid Riordan, the cyber incident specifically targeted the company’s voice and SMS infrastructure while leaving other services intact.
.png
)
Cellcom Cyberattack
“The cyber incident that we’re experiencing is segmented to the voice and texting part of your service,” Riordan stated in a video message released on May 20.
The attack appears to have compromised components of Cellcom’s Public Switched Telephone Network (PSTN) infrastructure, affecting the Session Initiation Protocol (SIP) systems that handle call establishment and termination.
Technical teams have made significant progress in restoring functionality, with SMS texting capabilities and Cellcom-to-Cellcom voice calls reinstated as of May 19.
This recovery involved reestablishing the SS7 SMS gateway functionality that enables message routing between networks.
However, interconnection with other carriers remains problematic, as the attack specifically targeted network components responsible for cross-carrier communications.
Customers have been advised to temporarily toggle Airplane Mode to re-register their devices with the network following the partial service restoration.
Customer Remediation Strategy
The prolonged outage has caused significant disruption, with customers reporting missed family connections, business opportunities, and even job interviews. In response, Cellcom has implemented a comprehensive customer support plan.
“As a gesture of accountability and thanks, we are covering outage service fees for the customers that continue with us,” the company stated on its service update page. This will be delivered as credits on future bills.
Riordan has acknowledged the frustration experienced by customers while emphasizing the company’s commitment to transparency.
“We know this disruption has caused frustration and, for some, real hardship — and for that, I am truly sorry,” she stated in her public message.
The company has also warned customers to be vigilant against potential scam attempts that might exploit the situation, emphasizing that Cellcom will never contact customers requesting personal information or account details.
Cellcom has activated established cybersecurity protocols in response to the attack. “We were prepared for this; we have protocols in place for such incidents, and we are executing them,” Riordan explained.
The company has engaged external cybersecurity experts and notified both the FBI and Wisconsin officials about the breach.
Despite the severity of the attack, Cellcom maintains that customer personal data remains secure.
“The incident was concentrated on an area of our network separate from where we store sensitive information related to you, our Cellcom/Nsight family,” Riordan assured customers.
This contrasts with recent telecom breaches like the SK Telecom incident, where malware remained undetected for three years and compromised 27 million subscribers’ data.
Full restoration of all services is expected by the end of this week, with the company emphasizing that “every part of this recovery is being handled with care and precision”.
Cellcom has prioritized security over speed in its recovery efforts to prevent any further compromises to network integrity.
Equip your SOC team with deep threat analysis for faster response -> Get Extra Sandbox Licenses for Free
