Summary
Key Points:
- KDDI has confirmed a breach affecting six Japanese ISPs, exposing approximately 14.2 million customer email addresses and passwords.
- The breach resulted from unauthorized access to an email system, impacting customers of multiple ISPs including STNet, KDDI Web Communications, JCOM, Chubu Telecommunications, Nifty Corporation, and Biglobe.
- KDDI recommends that all affected customers change their passwords and has implemented technical countermeasures to mitigate further risks.
Technical Details: The breach was attributed to a vulnerability in third-party software utilized within the email system. KDDI detected the intrusion on June 17 and has since modified the system to prevent additional damage.
MITRE ATT&CK Techniques: None mentioned
IOCs Mentioned: None mentioned
Join the discussion — sign up to comment, upvote, and save articles.