KDDI Confirms Data Breach Affecting 12M Email Addresses and 7.6M Passwords

Photo: ITmedia
Quick answer
Japanese telecom operator KDDI confirmed a data breach exposing 12.23 million email addresses and 7.62 million passwords due to unauthorized access to its ISP email system.
Japanese telecom giant KDDI has officially confirmed unauthorized access to its email system, which is used by internet service providers. The incident was detected in July 2026, and the investigation findings have been submitted to Japan’s Ministry of Internal Affairs and Communications.
According to the company’s report, attackers gained access to 12,233,087 unique email addresses and 7,616,173 user passwords. KDDI has already begun damage control: all affected accounts will be forcibly reset, and the system will undergo thorough audits and upgrades.
To prevent similar incidents in the future, the operator plans to implement artificial intelligence technologies to analyze potential software vulnerabilities. Additional monitoring and data protection measures will also be strengthened to minimize the risk of future attacks.
The incident serves as a reminder of the critical importance of cybersecurity for major telecom companies, especially amid rising cyberattacks targeting provider infrastructure. KDDI continues to collaborate with regulators and security experts to fully resolve the breach’s aftermath.
Common questions
- What data was compromised in the KDDI breach?
- The incident exposed 12.23 million email addresses and 7.62 million user passwords. The breach occurred due to unauthorized access to the operator’s email system.
- What measures is KDDI taking to address the breach?
- KDDI is enforcing password resets for affected accounts and deploying AI-driven vulnerability analysis to prevent future incidents. The company is also enhancing system monitoring and data protection protocols.
- Which sector was impacted by the KDDI data breach?
- The breach affected the email system used by internet service providers (ISPs). The incident resulted from unauthorized access to the company’s infrastructure.
Dzen feed: /feed/dzen.xml · RSS: /feed.xml