14 Million Email Logins Exposed in Breach at 6 Japanese ISPs
Japanese telecommunications giant KDDI has announced a major data breach affecting itself and five other internet service providers. Attackers may have accessed the email addresses and passwords of up to 14.2 million users.
What Happened
KDDI Corporation, one of Japan's largest telecommunications operators, has publicly disclosed a significant data breach that has sent ripples through the cybersecurity community. According to a statement released on June 28, 2026, the company acknowledged that cyberattackers had infiltrated a shared email system used by itself and five other internet service providers (ISPs) in Japan. This breach potentially compromises the email login credentials of up to 14.2 million users.
KDDI stated that it first detected the incident on June 17 and responded immediately. The company's cybersecurity teams took urgent steps to block the attackers' access to the system and implemented defensive measures. However, despite this swift response, there is concern that the attackers may have accessed a substantial amount of data during the time they were in the system. Following the incident, KDDI notified both Japan's Personal Information Protection Commission and the Ministry of Internal Affairs and Communications, initiating the required legal processes. This action highlights the severity of the breach and the company's awareness of its legal responsibilities. This event not only affects KDDI but also illustrates how interconnected Japan's digital infrastructure is and how a single vulnerability can have such a widespread impact.
What Data Was Leaked
The primary data affected by the breach are users' most fundamental digital identity credentials: email addresses and their corresponding passwords. According to KDDI's announcement, a pool of up to 14.2 million accounts is at risk. This figure includes not only current active users but also former customers and inactive accounts that are no longer in use. This means that even individuals who received service years ago but did not have their information deleted could be at risk.
The company attempted to mitigate the potential damage by stating that some of the passwords were stored in "hashed" and/or "encrypted" form. In theory, this means that even if the passwords were directly obtained, they cannot be easily used. However, KDDI did not provide any technical details about which encryption or hashing algorithm was used. More importantly, no explanation was given as to what percentage of the total passwords were protected in this way, versus how many were stored in plaintext. This ambiguity raises the possibility of a worst-case scenario where millions of passwords could be directly readable and usable by the attackers. Email and password combinations are highly valuable to cybercriminals as this information is often tested on other platforms in attacks known as "credential stuffing."
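An operator holding such a credential store can answer the open question above (what share of passwords is protected, and how) by classifying each stored value by its encoding. The sketch below is an added example, not KDDI's code or tooling. The tier names, the sample rows and the `classify`/`audit` helpers are assumptions constructed for illustration, and prefix matching is only a heuristic.

```python
import hashlib
import re
from collections import Counter

# Heuristic signatures, first match wins. Tier labels are this example's own.
SIGNATURES = [
    ("argon2",         "slow_salted",    re.compile(r"^\$argon2(id|i|d)\$")),
    ("bcrypt",         "slow_salted",    re.compile(r"^\$2[abxy]\$\d{2}\$")),
    ("sha512crypt",    "slow_salted",    re.compile(r"^\$6\$")),
    ("md5crypt",       "fast_or_legacy", re.compile(r"^\$1\$")),
    ("ldap_ssha",      "fast_or_legacy", re.compile(r"^\{SSHA\}[A-Za-z0-9+/]+=*$")),
    # Bare hex of MD5/SHA-1/SHA-256 length: most likely an unsalted fast digest.
    ("raw_hex_digest", "fast_or_legacy",
     re.compile(r"^(?:[0-9a-fA-F]{32}|[0-9a-fA-F]{40}|[0-9a-fA-F]{64})$")),
]

def classify(stored: str) -> tuple[str, str]:
    """Return (format_name, tier) for one stored credential value."""
    for name, tier, pattern in SIGNATURES:
        if pattern.match(stored):
            return name, tier
    # No recognised hash encoding: readable, or encrypted in an unknown scheme.
    return "unrecognised", "unknown_or_plaintext"

def audit(rows):
    """rows: iterable of (account, stored_value). Returns percent per tier."""
    tiers = Counter(classify(value)[1] for _, value in rows)
    total = sum(tiers.values())
    return {tier: round(100 * n / total, 1) for tier, n in tiers.items()} if total else {}

# Constructed sample rows (not real accounts or real password hashes).
SAMPLE_ROWS = [
    ("user1@example.jp", "$argon2id$v=19$m=65536,t=3,p=4$c2FsdHNhbHQ$aGFzaGhhc2g"),
    ("user2@example.jp", "$2b$12$" + "x" * 53),
    ("user3@example.jp", "$6$rounds=5000$saltsalt$" + "h" * 86),
    ("user4@example.jp", "{SSHA}Y29uc3RydWN0ZWRzYW1wbGU="),
    ("user5@example.jp", hashlib.md5(b"constructed").hexdigest()),
    ("user6@example.jp", hashlib.sha1(b"constructed").hexdigest()),
    ("user7@example.jp", "Summer2026!"),
    ("user8@example.jp", "hunter2"),
]

if __name__ == "__main__":
    for tier, pct in sorted(audit(SAMPLE_ROWS).items()):
        print(f"{tier:22s} {pct:5.1f}%")
```

Anything landing in `unknown_or_plaintext` or `fast_or_legacy` is what a breach disclosure should quantify, since those values are the ones most readily reused in credential stuffing.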
How Did the Attack Happen
According to initial investigations by KDDI, the cyberattackers exploited a security vulnerability in third-party software used by the company to gain access to the system. The company did not disclose the name of this software or the exact nature of the vulnerability. Critical information such as the technical details of the attack, the methods used, or how long the attackers were active in the system has not yet been revealed.
Supply chain attacks carried out through third-party software have become an increasingly common threat in recent years. No matter how well companies secure their own systems, a vulnerability in external software they use or in a service they rely on can break the entire security chain. In this incident, the attackers got in by targeting this external software, which they likely saw as a weaker link, rather than directly targeting KDDI's main systems. More information about the details of the attack is expected to emerge as the investigation continues.
Who Is Affected
The data breach has impacted several key players in Japan's telecommunications sector. In addition to the main operator, KDDI Corporation, customers of five other internet service providers (ISPs) that use its infrastructure are also directly at risk. The affected companies are:
- STNet, Inc.
- JCOM Co., Ltd.
- Chubu Telecommunications Co., Inc.
- NIFTY Corporation
- BIGLOBE Inc.
Since the customers of these companies use KDDI's infrastructure for their email services, a breach in the main system has directly affected these users as well. The total of up to 14.2 million potential victims consists of current and former customers of these six companies. If you have received or are currently receiving email services from any of these companies, there is a possibility that your data has been compromised.
What You Can Do
If you are a customer of one of the six companies listed above, or have been in the past, it is safest to assume that your data may have been compromised. Here are the steps you should take:
- Change Your Password Immediately: Change the password for your affected email account right away. Ensure your new password is complex, long, and includes a mix of characters (uppercase/lowercase letters, numbers, symbols).
- Do Not Reuse the Same Password Elsewhere: If you use the same password from this email account on other platforms (social media, banking, e-commerce), change those passwords urgently as well. Cybercriminals often use stolen passwords to try to access your other accounts.
- Enable Two-Factor Authentication (2FA): If your email service supports it, enable two-factor authentication (2FA). This adds an extra layer of security that prevents access to your account even if your password is stolen.
- Be Wary of Suspicious Emails: Following the breach, there may be an increase in phishing emails sent to you. Be vigilant against emails that ask for personal information or passwords, or that contain suspicious links.
You can use trusted platforms to check if your account has been involved in this or any other breach. A Data Breach Search tool can help you see if your email address has been exposed in known data breaches by simply entering it.
What the Company Says
In its official statement, KDDI Corporation emphasized that it has been working to control the situation since the incident was discovered on June 17. The company stated that the attackers' access to the system has been blocked and necessary technical defensive measures have been taken. However, it transparently acknowledged that "there remains a possibility that customers' email addresses and passwords were obtained by unauthorized third parties."
The company added that it has been in communication with the other five affected ISPs since June 17 and is working with them to implement additional security measures to mitigate the risks. Notifications to the relevant government agencies in Japan also show that the company is handling the process through official channels. KDDI stated that the investigation is ongoing and that efforts are underway to determine the exact number of affected accounts. Their primary advice to users was to change their passwords and use two-factor authentication.