Japanese telecommunications operator KDDI has confirmed it suffered a breach that has affected five other internet services providers (ISPs) and potentially exposed 14.2 customer email accounts.
In a public statement released on June 23, KDDI Corporation said an unauthorized actor unlawfully gained access to an email system it provides to several Japanese ISPs, meaning that data linked to customers of these email services may have leaked.
Specifically, KDDI said up to 14.22 million email addresses and passwords have likely been compromised.
This includes accounts of customers who have canceled their services or have not used it for a long time.
The affected ISPs include:
- STNet: Email services for Pikara Light Service, Pikara Mobile Service and Oshigoto Pikara Service
- KDDI Web Communications: Email services for the rental server CPI
- JCOM: Email services for J:COM NET and cable TV operators
- Chubu Telecommunications: Email services for COMINA Hikari and Business COMINA
- Nifty Corporation: Email services for @nifty email
- Biglobe: Email services for BIGLOBE email
KDDI Urges Password Changes
KDDI detected the intrusion on June 17 and assessed that the actor exploited a vulnerability in third-party software used in the email system.
The company “modified the system to prevent further damage” and has now “implemented technical countermeasures at the suspected compromised locations.”
It also notified relevant authorities, including the Personal Information Protection Commission and Japan’s Ministry of Internal Affairs and Communications.
Additionally, KDDI confirmed it is working in close collaboration with the affected ISPs in order to provide information and discuss countermeasures, “which are currently being implemented,” the company said.
Nevertheless, the company “strongly advised” customers of any of the affected email services to change their passwords.
Image credits: yu_photo / Shutterstock.com
Read now: Klue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth Tokens