KDDI Reports Data Breach Affecting 12 Million Users
Japanese telecommunications company KDDI announced on June 17, 2024, that a significant data breach has affected over 12 million individuals. The breach occurred due to unauthorized access to an email platform utilized by five internet service providers (ISPs) in Japan. Attackers gained access to sensitive user information, including email addresses and passwords.
KDDI stated that the compromised platform is not directly operated by KDDI itself but is used by several affiliated ISPs. The company is working with the affected ISPs to investigate the full scope of the incident and to implement necessary security measures. The breach was initially detected on June 5, 2024, and a thorough investigation has been ongoing since then.
While the exact number of affected users is still being finalized, KDDI has provided an initial estimate of over 12 million individuals. The company has begun notifying affected customers and is providing guidance on how to protect themselves from potential misuse of their exposed information. This includes advice on changing passwords for both their email accounts and any other online services where the same credentials may have been used.
This incident highlights ongoing cybersecurity risks within the telecommunications and internet service provider sectors. KDDI has committed to enhancing its security protocols and collaborating with its partners to prevent future occurrences. The company is also cooperating with relevant authorities to address the breach.
Original source — read the full reporting at the publisher:
Read on BleepingComputer