KDDI Data Breach Impacts Up to 14.2 Million Email Accounts Across Six Japanese ISPs

KDDI Corporation disclosed a data breach affecting up to 14.2 million email accounts across six Japanese internet service providers. The breach occurred due to attackers exploiting a vulnerability in third-party software used by the company. KDDI, one of Japan’s largest telecommunications firms, confirmed the incident but did not specify the exact timeline, technical details of the vulnerability, or the identities of the affected ISPs. The exposed data is limited to email accounts, with no additional personal or financial information reported as compromised. The company employs over 60,000 people and serves a broad customer base in Japan.