Japanese telecom KDDI Corporation disclosed a data breach exposing up to 14.2 million email logins. Threat actors accessed an email system shared by KDDI and five other internet service providers in the country.
KDDI, one of Japan's major telecommunications operators, confirmed the security incident affected its email infrastructure used across multiple ISPs. The breach exposed customer email logins and associated credentials.
The incident highlights the cascading risks of shared infrastructure among providers. A compromise at a single point of access can impact millions of users across multiple organizations.
KDDI has not disclosed specific details about the breach timeline, the identity of the threat actors, or whether the exposed credentials have been actively exploited. The company is investigating the incident and working to secure affected systems.
Users of the affected ISPs are advised to monitor their accounts for suspicious activity and change passwords if they use credentials associated with the compromised email systems. This incident adds to a growing list of large-scale data breaches affecting telecommunications providers globally.
Traditional security workflows designed for human-speed operations are inadequate for AI agents, requiring organizations to rebuild defenses around live identity foundations and customizable threat responses.
Two members of the Scattered Spider cybercrime collective have been sentenced to five years and six months in prison each for a 2024 cyberattack that disrupted Transport for London.
Russian threat actor UAT-11795 is distributing trojanized versions of popular video conferencing apps to deploy Starland, a new backdoor capable of stealing credentials and cryptocurrency.