KDDI Data Breach Exposes 14.2 Million Managed Email Credentials

Written by: Lore Apostol, Cybersecurity Writer

Key Takeaways
  • Breach Detected: KDDI identified unauthorized access on June 17, 2026, to an email system it manages for itself and other ISPs.
  • Data Exposed: Roughly 14.2 million email addresses and passwords may have leaked, though passwords were hashed and encrypted.
  • ISPs Affected: STNet, JCOM, Chubu Telecommunications Co., Nifty Corporation, and BIGLOBE rely on the compromised platform.

Japanese telco KDDI has disclosed unauthorized access to an email system it manages for itself and several other local ISPs, potentially exposing approximately 14.22 million users. Attackers reportedly exploited a vulnerability in unnamed third-party software used on the email service.

How the KDDI Breach Occurred

The company warned that millions of email addresses and passwords may have been leaked in this data breach, which it detected on June 17, 2026. According to KDDI, the passwords were hashed and encrypted, limiting the immediate risk to phishing and identity theft rather than direct account compromise.

KDDI is one user of the breached platform and also provides it to Japanese ISPs:

KDDI unauthorised access warning | Source: HackManac on X 

Those providers now face questions from their own customers about the exposure.

Investigation Continues

KDDI says it prevented further intrusion on the same day it detected the attack and has strengthened its defenses to block future incidents. According to the company's announcement, the carrier has informed the relevant authorities of the situation but has not yet completed its investigation and remains unaware of the full extent of the incident.

Some of the data KDDI believes may have leaked pertains to dormant or cancelled accounts, complicating notification.

Earlier this year, a data breach at Dutch telecom provider Odido exposed almost 690,000 telecom customer accounts. In May, Lumen’s Black Lotus Labs identified a previously undocumented Linux malware family designated as Showboat that targets global telecommunications infrastructure.

In other recent news, Tata Electronics confirmed a data breach, and Texas Parks & Wildlife announced an intrusion that affects 3 million individuals.

