Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident.
The data breach was discovered in early February 2025, but the exact date when the hackers gained initial access to NTT’s systems hasn’t been determined.
“NTT Communications Corporation discovered on February 5 that our facilities had been subjected to unauthorized access.”
“On February 6, we confirmed that some information might have been leaked externally.”
Specifically, NTT says hackers breached its ‘Order Information Distribution System,’ which held details on 17,891 corporate customers (companies), but no data on personal customers (consumers).
The types of data that may have been stolen by hackers includes:
- Customer name (registered contract name)
- Customer representative’s name
- Contract number
- Phone number
- Email address
- Physical address
- Service usage information
NTT says contracts for corporate smartphones and mobile phones provided directly by NTT Docomo were not affected by this incident.
The company discovered the breach on February 5 and blocked the threat actor’s access to the breached system by the next day.
However, its investigation revealed on February 15 that the attackers had pivoted to another device on NTT’s network. This device was promptly disconnected to prevent further lateral movement, and the firm is now confident that the threat has been fully contained.
NTT has made it clear that it will not send personalized notifications to impacted customers, so the public announcement on its website will remain the sole notice.
NTT’s cybersecurity troubles
Being a large telecommunications service provider in Japan, NTT often becomes a target of cybercriminals looking to disrupt its operations or steal valuable data from its networks.
On January 2, 2025, the company suffered a massive 12-hour service disruption on its mobile services and payment platforms, attributed to a distributed denial of service (DDoS) attack.
In May 2020, the company suffered another data breach where hackers gained access to its internal network again, stealing the information of hundreds of customers.
(Courtesy: bleepingcomputers)
