Japanese telecom KDDI disclosed a major data breach affecting over 12 million people across five internet service providers. Attackers accessed an email platform, exposing email addresses and passwords.
KDDI, one of Japan's largest telecommunications companies, confirmed the security incident compromised customer data held on a shared email platform used by multiple ISPs operating under its umbrella.
The breach exposed email addresses and passwords for millions of users. KDDI has not yet detailed the full scope of personal information accessed or the methods used by attackers to breach the platform.
The incident affects customers across five internet service providers connected to the platform, significantly expanding the potential impact beyond KDDI's direct user base. The company has begun notifying affected customers and recommending immediate password changes.
KDDI said it is investigating the breach timeline and security gaps that allowed unauthorized access. The company has not disclosed whether ransom demands were made or if customer data has been sold on the dark web.
This breach ranks among Japan's largest data incidents in recent years. Japanese regulators typically investigate telecommunications breaches closely due to their critical infrastructure status and the sensitivity of customer information held by telcos.
KDDI operates as one of Japan's three major mobile carriers alongside NTT Docomo and SoftBank. The company serves millions of mobile and internet customers across the country, making security breaches particularly consequential for the broader telecommunications landscape.
The company urged affected users to change passwords immediately and monitor accounts for suspicious activity. KDDI also recommended enabling two-factor authentication where available to strengthen account security moving forward.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.