KDDI confirmed a major data breach affecting 12.23 million email users and 7.61 million stolen passwords after hackers exploited a software vulnerability in its foundational email system. The company has patched the flaw, urged mandatory password resets, and warned users about phishing and credential-stuffing risks. #KDDI
Keypoints
- KDDI confirmed a breach impacting 12.23 million email addresses.
- Hackers also stole 7.61 million passwords from the incident.
- The attack targeted six downstream email service providers using KDDI infrastructure.
- The root cause was a software vulnerability in the email system.
- KDDI urged immediate password changes and warned of phishing and credential stuffing.