← All stories
● Covered by 1 source Β· 1 reportHigh impact

KDDI cyberattack exposes over 12 million emails and 7.6 million passwords

Aggregated by BrevFeed security Β· updated 1h ago
πŸ”– Save

KDDI reported that a cyberattack exposed 12.2 million email addresses and 7.6 million passwords linked to five ISPs. The breach stemmed from a vulnerability in third-party software, which KDDI has patched, ensuring its own services remained secure. This incident highlights ongoing security challenges for Japanese companies amid a rise in cyber incidents.

Key points

Overview of the Incident

KDDI, one of Japan's largest telecommunications companies, disclosed a significant cyberattack affecting its email services. The breach has exposed more than 12.2 million customer email addresses and 7.6 million passwords, which were managed through an email platform utilized by five Japanese internet service providers.

Details of the Breach

The unauthorized access was first reported in June, but the scale of the breach was confirmed only after a thorough forensic investigation was conducted. KDDI determined that the attackers exploited a vulnerability in third-party software associated with the email system. Subsequent investigations indicated that no further systems were compromised beyond this identified vulnerability.

Response and Impact

KDDI promptly patched the security flaw and made modifications to the email system immediately upon detecting the breach. The company has stated that its own consumer email services were not affected as they utilize different infrastructure. Moreover, KDDI has indicated that many customers have already changed their passwords following the incident. Internet service providers involved are working to enforce mandatory password resets for affected users.

Context of Cybersecurity in Japan

This breach occurs against a backdrop of increasing cyber incidents reported by major Japanese firms. Other companies, including Aflac, Nidec, and Sapporo Holdings, have also experienced breaches recently, reflecting a concerning trend in cybersecurity challenges within the country.

✨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β€” check the original sources. How BrevFeed works β†’

Reporting from

KDDI reported that a cyberattack exposed 12.2 million email addresses and 7.6 million passwords linked to five ISPs. The breach stemmed from a vulnerability in third-party software, which KDDI has patched, ensuring its own services remained secure. This incident highlights ongoing security challenges for Japanese companies amid a rise in cyber incidents.