On May 14, 2025, Wisconsin-based mobile carrier Cellcom faced a major disruption that left thousands of customers unable to make calls or send text messages. What initially seemed like a technical glitch quickly escalated into a confirmed cyberattack. While data services and 911 emergency calls remained active, voice and SMS functions were offline for nearly a week. But instead of descending into chaos, Cellcom delivered a response that offers vital takeaways for every mobile carrier navigating the growing threat of cybercrime.

1. Acting Fast with a Clear Plan
   When the attack hit, Cellcom didn’t fumble. The company had a well-prepared cyber incident response plan and executed it immediately. Within hours, they:

• Engaged external cybersecurity experts
  
• Notified law enforcement, including the FBI
  
• Launched containment and recovery protocols
  

This immediate action shows how critical it is for companies to prepare before an incident strikes.

2. Network Segmentation That Paid Off
   One of the smartest things Cellcom did—well before the attack—was segmenting its network. The compromised systems were isolated from sensitive customer data, meaning personal and financial information remained untouched. That architectural decision significantly limited the damage.
3. Transparent Communication with Customers
   Instead of hiding behind vague statements, Cellcom kept customers in the loop. CEO Brighid Riordan took to YouTube with an unscripted update and issued an open letter acknowledging the incident. Key points included:

• Admission of the cyberattack
  
• Assurance that customer data remained secure
  
• Updates on service restoration progress
  

Daily posts across their website and social channels helped maintain trust in the midst of uncertainty.

4. Prioritising Safety Over Speed
   Cellcom didn’t rush to restore services without checking for lingering threats. Recovery was phased and methodical:

• Internal Cellcom voice calls came first
  
• Then SMS and inter-carrier calling
  
• Only after validation did the company enable full network functionality
  

This safety-first mindset reduced the risk of reinfection and ensured service stability.

5. Support That Went Beyond Expectations
   Knowing customers were affected, Cellcom:

• Offered practical recovery tips (e.g., toggling Airplane Mode)
  
• Maintained open support lines
  
• Issued bill credits for downtime—”and then some”
  

They also alerted customers about scam messages posing as Cellcom and warned against sharing credentials, reducing the risk of phishing attacks amid the confusion.

6. Teamwork and Expertise
   Cellcom brought in cybersecurity professionals from outside the state and worked around the clock. Their readiness to collaborate with specialists and law enforcement ensured that the threat was swiftly contained.
7. Planning for the Future
   While full details of the breach haven’t been released, Cellcom has committed to learning from the incident and improving its defenses. The message from the CEO was clear: the company would emerge stronger, with better safeguards and resilience.

Key Takeaways for Other Mobile Carriers
Cellcom’s response wasn’t perfect, but it was proactive, human, and grounded in best practices. Here are the key lessons:

• Have a cyber incident response plan—and test it
  
• Use network segmentation to protect critical data
  
• Communicate honestly and regularly with customers
  
• Restore services cautiously, not hastily
  
• Involve experts and law enforcement early
  
• Offer compensation and care to retain customer trust
  

To Sum Up
Cyberattacks aren’t just a big-city problem anymore. As Cellcom’s experience shows, regional carriers are just as vulnerable—and just as responsible for staying prepared. Their calm, clear-headed response offers a blueprint for other mobile service providers looking to safeguard their infrastructure and reputation in the age of digital threats.

Whether you’re a telecom provider or an enterprise dealing with sensitive data, the writing is on the wall: readiness, honesty, and resilience aren’t optional—they’re essential.