12 Million Impacted by Data Breach at Japanese Telco KDDI
A zero-day vulnerability in a third-party system used by Japanese telecom KDDI was exploited to access an email system serving five ISPs, impacting over 12 million people. The breach exposed email addresses and passwords, prompting mandatory password resets. KDDI evicted the attackers quickly and is working on a patch. The telecom's mobile and fixed-line internet email services were not affected. The company is also reviewing the software for other vulnerabilities and plans to transition to more secure communication technologies.
AI Analysis
Technical Summary
On June 17, 2026, KDDI confirmed a data breach affecting over 12 million individuals due to exploitation of a zero-day vulnerability in a third-party system integral to the email infrastructure used by five ISPs (STNet, JCOM, Chubu Telecommunications, NIFTY, and BIGLOBE). The attackers accessed email addresses and passwords of millions of users. KDDI's mobile and fixed-line internet email services remained unaffected. The company has removed the attackers from its systems, is collaborating with affected ISPs to enforce password resets, and is developing a patch for the zero-day vulnerability. KDDI is also inspecting the involved software for additional vulnerabilities and plans to enhance security by transitioning to more secure communication technologies.
Potential Impact
The breach compromised the email addresses of approximately 12.2 million people and passwords of 7.6 million individuals associated with ISP email services. This exposure risks unauthorized access to affected email accounts. However, KDDI's core mobile and fixed-line internet email services were not impacted. Immediate remediation actions, including password resets, have been initiated to mitigate further unauthorized access. There is no evidence of additional suspicious activity following the incident.
Mitigation Recommendations
KDDI is actively working with affected ISPs to enforce mandatory password resets for all impacted email accounts. The company has evicted the attackers and is developing an official patch for the exploited zero-day vulnerability. Users should follow password reset instructions provided by their ISPs. KDDI is also conducting thorough software inspections to identify and remediate any other vulnerabilities and plans to transition to more secure communication technologies. Patch status is not yet confirmed — check KDDI advisories for updates on the patch release.
12 Million Impacted by Data Breach at Japanese Telco KDDI
Description
A zero-day vulnerability in a third-party system used by Japanese telecom KDDI was exploited to access an email system serving five ISPs, impacting over 12 million people. The breach exposed email addresses and passwords, prompting mandatory password resets. KDDI evicted the attackers quickly and is working on a patch. The telecom's mobile and fixed-line internet email services were not affected. The company is also reviewing the software for other vulnerabilities and plans to transition to more secure communication technologies.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
On June 17, 2026, KDDI confirmed a data breach affecting over 12 million individuals due to exploitation of a zero-day vulnerability in a third-party system integral to the email infrastructure used by five ISPs (STNet, JCOM, Chubu Telecommunications, NIFTY, and BIGLOBE). The attackers accessed email addresses and passwords of millions of users. KDDI's mobile and fixed-line internet email services remained unaffected. The company has removed the attackers from its systems, is collaborating with affected ISPs to enforce password resets, and is developing a patch for the zero-day vulnerability. KDDI is also inspecting the involved software for additional vulnerabilities and plans to enhance security by transitioning to more secure communication technologies.
Potential Impact
The breach compromised the email addresses of approximately 12.2 million people and passwords of 7.6 million individuals associated with ISP email services. This exposure risks unauthorized access to affected email accounts. However, KDDI's core mobile and fixed-line internet email services were not impacted. Immediate remediation actions, including password resets, have been initiated to mitigate further unauthorized access. There is no evidence of additional suspicious activity following the incident.
Mitigation Recommendations
KDDI is actively working with affected ISPs to enforce mandatory password resets for all impacted email accounts. The company has evicted the attackers and is developing an official patch for the exploited zero-day vulnerability. Users should follow password reset instructions provided by their ISPs. KDDI is also conducting thorough software inspections to identify and remediate any other vulnerabilities and plans to transition to more secure communication technologies. Patch status is not yet confirmed — check KDDI advisories for updates on the patch release.
Technical Details
- Article Source
- {"url":"https://www.securityweek.com/12-million-impacted-by-data-breach-at-japanese-telco-kddi/","fetched":true,"fetchedAt":"2026-07-09T12:19:30.947Z","wordCount":980}
Threat ID: 6a4f91d268715ace43561b4c
Added to database: 07/09/2026, 12:19:30 UTC
Last enriched: 07/09/2026, 12:19:36 UTC
Last updated: 07/10/2026, 01:35:29 UTC
Views: 15
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.