Cellcom, the Wisconsin-based mobile carrier, has officially confirmed that a cyberattack was responsible for the prolonged service outages that began on the evening of May 14, 2025. For nearly a week, thousands of subscribers across Wisconsin and Michigan’s Upper Peninsula were unable to make phone calls or send text messages, triggering growing concerns about the true cause behind the disruption.
Initially described by the company as a “technical issue,” the incident was suspected by many to be far more serious. On May 21, Cellcom CEO Brighid Riordan addressed these suspicions, confirming that the outage was the result of a cybersecurity incident targeting the company’s infrastructure.
“We experienced a cyber incident. While this is unfortunate, it’s not something we were unprepared for,” said Riordan in a public letter.
“We have protocols and plans in place for exactly this kind of situation. From the start, we’ve followed those plans — including engaging outside cybersecurity experts, notifying the FBI and Wisconsin officials, and working around the clock to bring systems safely back online.”
Cellcom assured its customers that the attack was limited to a part of the network that does not contain personally identifiable information (PII) or sensitive financial data.
“The incident was concentrated on an area of our network separate from where we store sensitive information related to you, our Cellcom/Nsight family,” Riordan added. “We have no evidence that personal information related to you — your name, your addresses, your financial information — is impacted by this event.”
Despite the reassurance, customer frustration grew during the outage as users were unable to port their numbers to other carriers or receive reliable status updates. Even though emergency services like 911 and internet-based messaging platforms like iMessage and RCS remained functional, the disruption of core services like voice calls and SMS created significant inconvenience.
Cellcom began partial service restoration on May 19, allowing calls and texts between Cellcom users to resume. However, full service availability remains uncertain.
“While we would like to provide a timeline for full restoration, we are unable to share exact milestones with complete confidence,” the company stated in a service update. “Our team continues to build on the progress shared yesterday and our best estimate is that full service will be restored by or before the end of this week.”
As part of the recovery, Cellcom provided troubleshooting instructions for users struggling to reconnect to the network, recommending toggling airplane mode or restarting devices.
BleepingComputer had contacted Cellcom with questions regarding whether the cyberattack involved ransomware, but the company has not commented further. A video statement from Riordan was also released, aiming to improve transparency and outline the steps being taken to remediate the situation.
This incident underscores growing cybersecurity risks facing regional telecommunications providers. As mobile carriers increasingly become targets of cyberattacks, events like the Cellcom breach reveal the potential for disruption even when attackers avoid directly stealing user data.
