Data breach exposes up to 14.2 million email logins at six ISPs

Data breach exposes up to 14.2 million email logins at six ISPs
KDDI Corporation disclosed a breach of one of its email systems used by five Japanese ISPs after attackers exploited a vulnerability in third-party software. The incident may have exposed email addresses and passwords for up to 14.22 million customers, prompting KDDI to notify authorities and urge password resets. #KDDI #STNet #JCOM #ChubuTelecommunications #NIFTY #BIGLOBE

Keypoints

  • KDDI detected the compromise on June 17 and blocked the attacker immediately.
  • The breach involved an email system used by five other ISPs in Japan.
  • Attackers abused a vulnerability in unnamed third-party software used by KDDI.
  • Up to 14.22 million customers may have had email addresses and passwords exposed.
  • KDDI notified regulators and advised affected users to reset passwords and enable 2FA.

Read More: https://www.bleepingcomputer.com/news/security/data-breach-exposes-up-to-142-million-email-logins-at-six-isps/