NTT Communications Corporation, a leading telecommunications provider in Japan, has alerted nearly 18,000 corporate clients about a data breach that compromised their information. The incident, discovered in early February 2025, highlights ongoing cybersecurity challenges faced by major telecom companies.

Details of the NTT Data Breach

The breach was identified on February 5, 2025, but the initial access date remains unknown. NTT confirmed on February 6 that sensitive information might have been leaked. The breach targeted NTT's 'Order Information Distribution System,' affecting 17,891 corporate clients. Fortunately, personal customer data was not involved.

Compromised Information

The data potentially accessed by hackers includes:

  • Customer Name: The registered contract name of the company.
  • Representative's Name: The name of the customer representative.
  • Contract Number: Unique identifier for the contract.
  • Contact Details: Phone numbers and email addresses.
  • Physical Address: Location details of the company.
  • Service Usage Information: Data regarding the services used.

Contracts for corporate smartphones and mobile phones provided by NTT Docomo were unaffected by this breach.

Response and Containment Measures

Upon discovering the breach, NTT swiftly blocked the attackers' access by February 6. However, further investigation on February 15 revealed that the attackers had moved to another device within NTT's network. This device was immediately isolated to prevent additional lateral movement. NTT is confident that the threat has been fully contained.

Notification Strategy

NTT has opted not to send personalized notifications to affected customers. Instead, the company has issued a public announcement on its website as the sole form of communication regarding the breach.

NTT's Cybersecurity Challenges

As a major telecommunications provider, NTT frequently faces cyber threats. Earlier in January 2025, the company experienced a significant 12-hour service disruption due to a distributed denial of service (DDoS) attack. In May 2020, NTT suffered another data breach, compromising the information of hundreds of customers.

The link has been copied!