KDDI Data Breach Exposes Up to 14.2 Million Email Logins Across Six Japanese ISPs
Japanese telecommunications giant **KDDI Corporation** has disclosed a significant data breach, impacting its email systems and potentially exposing the email addresses and passwords of up to 14.2 million customers across six internet service providers. The breach stemmed from an exploited vulnerability in third-party software, prompting immediate action and a widespread call for password resets.

**KDDI Corporation**, a major Japanese telecommunications operator, has revealed a data breach in which threat actors accessed one of its email systems. This system is also used by five other internet service providers (ISPs) in Japan.
The company detected the compromise on June 17, swiftly blocking the attacker and implementing defensive measures.
Investigations pinpointed a vulnerability within unnamed third-party software used by **KDDI** as the entry point for the hackers.
"Although technical defensive measures have already been implemented for the system, there remains a possibility that customers' email addresses and passwords were obtained by unauthorized third parties as a result of the incident," **KDDI** warned in an official statement.
### Scale of Exposure
**KDDI**, a prominent ISP with 45,000 employees and significant annual revenue, has operated since 2000 following the merger of **IDO**, **DDI**, and **KDD**.
The incident affected the email services of the following five ISP operators:
1. **STNet, Inc.**
2. **JCOM Co., Ltd.**
3. **Chubu Telecommunications Co., Inc.**
4. **NIFTY Corporation**
5. **BIGLOBE Inc.**
While the full scope of the breach is still under investigation, **KDDI** estimates that up to 14.2 million customers' email addresses and passwords may have been exposed. This figure encompasses current, former, and inactive accounts.
**KDDI** noted that some passwords were stored in hashed and/or encrypted forms, which could mitigate the risk of immediate account hijacking. However, the company did not specify the encryption methods used or the proportion of passwords stored in plaintext.
Since June 17, **KDDI** has been in contact with the affected ISPs and has also informed Japan's **Personal Information Protection Commission** and the **Ministry of Internal Affairs and Communications**.
The company is collaborating with the impacted ISPs to deploy additional security measures to counter the risks stemming from this exposure.
Customers potentially affected by this breach are strongly advised to reset their email account passwords immediately. Enabling two-factor authentication (2FA) is also highly recommended for an additional layer of security where available.