KDDI Data Breach: 12 Million Affected in Japan

www.news4hackers.com-kddi-data-breach-12-million-affected-in-japan-kddi-data-breach-12-million-affected-in-japan

Japanese telecommunications company KDDI disclosed that a data breach in June impacted over 12 million individuals.

Japanese telecommunications company KDDI disclosed that a data breach in June impacted over 12 million individuals.

The incident occurred on June 17 and involved unauthorized access to a system developed by KDDI for five internet service providers: STNet, JCOM, Chubu Telecommunications, NIFTY, and BIGLOBE. KDDI’s mobile and fixed-line internet services, which operate on separate infrastructure, remained unaffected by the breach. The attack exploited a zero-day vulnerability in software integrated into the shared system. An automated translation of KDDI’s official statement indicated that the vulnerability had been exploited since May, prompting the vendor to develop a patch. The breach compromised the personal addresses of 12.2 million users and passwords for 7.6 million individuals. KDDI confirmed collaboration with the affected ISPs to initiate password resets, noting that users with frequent address usage had already updated their login credentials. A mandatory password reset for all affected accounts is scheduled to be completed in the coming days. The company stated that attackers were removed from its systems immediately upon discovery of the breach and that no evidence of ongoing malicious activity has been found. KDDI plans to conduct a thorough review of the affected software to identify and mitigate additional vulnerabilities. The organization also intends to work with the ISPs to adopt more secure communication protocols.



About Author

en_USEnglish