:

DATA BREACH HITS 14.2M LOGINS AT JAPANESE ISPS

AI DESK1 MIN READ
SUN, JUN 28, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Japanese telecom KDDI Corporation disclosed a data breach exposing up to 14.2 million email logins. Threat actors accessed an email system shared by KDDI and five other internet service providers in the country.

KDDI, one of Japan's major telecommunications operators, confirmed the security incident affected its email infrastructure used across multiple ISPs. The breach exposed customer email logins and associated credentials. The incident highlights the cascading risks of shared infrastructure among providers. A compromise at a single point of access can impact millions of users across multiple organizations. KDDI has not disclosed specific details about the breach timeline, the identity of the threat actors, or whether the exposed credentials have been actively exploited. The company is investigating the incident and working to secure affected systems. Users of the affected ISPs are advised to monitor their accounts for suspicious activity and change passwords if they use credentials associated with the compromised email systems. This incident adds to a growing list of large-scale data breaches affecting telecommunications providers globally.

■ SOURCES

Bleeping Computer

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Russian threat actor UAT-11795 is distributing trojanized versions of popular video conferencing apps to deploy Starland, a new backdoor capable of stealing credentials and cryptocurrency.

1H AGOSecurity Desk

A new ransomware group called Spirals has demonstrated rapid attack capabilities, completing full network encryption within a single day. The threat actor moved from initial access through data theft to encryption faster than most ransomware operations.

1H AGOSecurity Desk

The Cybersecurity and Infrastructure Security Agency has issued an emergency directive requiring federal agencies to patch a critical Oracle E-Business Suite vulnerability by Saturday. The flaw is currently being exploited in active attacks.

1H AGOSecurity Desk

xAI has filed a lawsuit against a user who allegedly used Grok to generate nonconsensual sexualized images of both adults and children.

3H AGOAI Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.