Japanese telco giant KDDI says 12 million emails exposed in major cyberattack
- KDDI confirms unauthorized access affecting six ISPs, with up to 14.22 million email addresses and passwords exposed
- Some passwords were unencrypted; with estimates citing 12.2 million emails and 7.6 million passwords compromised
- Company urged rapid password updates, coordinated countermeasures with ISPs, and pledged recurrence prevention
KDDI, one of Japan’s largest telecommunications providers, has confirmed it was recently hacked and lost millions of emails and unencrypted passwords belonging to its clients’ customers.
In a data breach notice, shared last month, the company said that it confirmed “unauthorized access” on June 17 2026.
“As a result, part of the information from email services offered by these ISPs may have leaked externally,” a machine translation of the notice reads.
Coordinating countermeasures
The incident allegedly affected an email system KDDI uses to manage customer email accounts, webmail, and email storage.
KDDI says that the attack affected six ISPs: STNet, KDDI Web Communications, JCOM, Chubu...
Copyright of this story solely belongs to techradar.com. To see the full text click HERE