VulnHub

Real-time Cybersecurity News

KDDI Data Breach Impacts up to 14.2 Million Email Accounts at Six ISPs

Security Affairs
Actively Exploited
VulnerabilityData Breach

Overview

KDDI Corporation has reported a significant data breach that affects up to 14.2 million email accounts belonging to users of six Japanese internet service providers. The breach occurred due to attackers exploiting a vulnerability in third-party software used by the company. KDDI, one of Japan's largest telecommunications firms, has a large user base, making this breach particularly concerning. Users of the affected email accounts may face risks such as identity theft and unauthorized access to personal information. The incident raises questions about the security of third-party software and the measures companies take to protect sensitive user data.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Up to 14.2 million email accounts at six Japanese ISPs
  • Action Required: Users should change their passwords and enable two-factor authentication where available; KDDI is likely working on patches for the vulnerable software.
  • Timeline: Disclosed on October 2023

Original Article Summary

KDDI Corporation disclosed a breach affecting up to 14.2 million email accounts after attackers exploited a vulnerability in third-party software. KDDI Corporation disclosed a data breach that exposed up to 14.2 million email accounts across six Japanese internet service providers. KDDI Corporation is one of Japan’s largest telecommunications companies. It employs more than 60,000 people […]

Impact

Up to 14.2 million email accounts at six Japanese ISPs

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Disclosed on October 2023

Remediation

Users should change their passwords and enable two-factor authentication where available; KDDI is likely working on patches for the vulnerable software.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Vulnerability, Data Breach.

Read Original Article

Related Coverage

Security Affairs newsletter Round 583 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

The latest Security Affairs newsletter includes a warning from the FBI about Russian intelligence agencies utilizing Signal Recovery Keys to intercept and access private messages. This development raises concerns for individuals and organizations relying on encrypted communication for privacy. The hospitality sector has also been noted as a target, suggesting that attackers are expanding their focus beyond traditional sectors. These incidents emphasize the need for vigilance in cybersecurity practices, especially in industries handling sensitive information. Organizations should reassess their security measures to better protect against such sophisticated tactics.

Jun 28, 2026

Data breach exposes up to 14.2 million email logins at six ISPs

BleepingComputer

KDDI Corporation, a major telecommunications provider in Japan, has reported a significant data breach affecting its email system, which is also used by five other internet service providers (ISPs). The breach has exposed up to 14.2 million email logins, putting users' personal information at risk. KDDI did not specify how the attackers gained access or whether any sensitive data beyond email logins was compromised. This incident raises concerns about the security measures in place at ISPs and the potential for increased phishing attacks targeting affected users. As the investigation continues, users are advised to change their passwords and remain vigilant against suspicious communications.

Jun 28, 2026

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

The Hacker News

The Security Service of Ukraine (SSU) and the FBI have exposed a campaign by Russian intelligence aimed at infiltrating the messaging accounts of various individuals, including government officials, military personnel, and activists in Ukraine, Europe, and the U.S. The attackers used fake support texts to trick victims into revealing their messaging credentials. This operation is part of a broader strategy to gather sensitive information and undermine trust among key figures in these regions. The implications are significant, as such breaches can lead to the exposure of critical communications and potentially jeopardize national security and public safety.

Jun 27, 2026

Chinese Framework Powers 200,000 Scam Sites

SecurityWeek

A recent report reveals that over 200,000 scam websites are using templates generated by a legitimate Chinese framework called DCloud Uni-App. Attackers are exploiting this toolkit to create investment scam sites that trick users into giving away money. This issue is significant because it highlights how easily legitimate software can be misused for fraudulent purposes, putting countless individuals at risk. As these scams proliferate, it becomes crucial for internet users to be vigilant and recognize potential red flags in online investment opportunities. Companies and regulators need to consider stronger measures to combat such deceptive practices.

Jun 27, 2026

Third-Party Breaches Teach Education Sector a Costly Lesson in Vendor Risk

darkreading

Recent breaches involving third-party vendors have put educational institutions on high alert regarding the security of student data. As ransomware attacks become more common, schools and universities are increasingly recognizing the risks associated with relying on external vendors for services. These incidents have revealed vulnerabilities that can expose sensitive information, prompting institutions to strengthen their cybersecurity measures. The need for schools to assess and manage vendor risk is more crucial than ever, as attackers often target less secure third-party systems to gain access to larger networks. This situation not only threatens the privacy of students but also can lead to significant financial and reputational damage for educational organizations.

Jun 27, 2026

2 Linux kernel flaw PoCs published, enabling local privilege escalation

SCM feed for Latest

Recently, two proof-of-concept (PoC) exploits for vulnerabilities in the Linux kernel have been published, enabling local privilege escalation. One of these flaws is known as DirtyClone, which is related to the DirtyFrag vulnerability class. These vulnerabilities could allow attackers with local access to escalate their privileges, potentially gaining control over sensitive system functions. This is particularly concerning for systems that rely heavily on Linux, as it could lead to unauthorized access to critical data and services. Users and administrators should be aware of these vulnerabilities and take necessary precautions to secure their systems against potential exploitation.

Jun 26, 2026