NTT Data Breach Exposes Information of Nearly 18,000 Corporate Customers
A recent data breach suffered by Japanese telecom giant NTT has exposed information of nearly 18,000 corporate customers. On February 5th, the security team detected suspicious activity in its ‘Order Information Distribution System,’ and immediately restricted access to device A. The company quickly sprang into action to contain the breach, launching an investigation that would ultimately reveal a significant data leak.
The incident was first detected on February 5th when NTT Communications Corporation (NTT Com) discovered that its facilities had been illegally accessed. Upon further investigation, it was confirmed on February 6th that some information may have been leaked, which is now being referred to as the “Incident.”
As a result of the internal investigation, NTT Com has discovered that some of the information about services for corporate customers stored in its internal system, the Order Information Distribution System *1 , may have been leaked to the outside. Fortunately, information about services for individual customers was not included.
Scope of the Breach
The investigation revealed that the incident exposed the data of 17,891 companies. This includes sensitive information such as contract number, customer name (contract name), name of customer contact, telephone number, email address, address, and information related to service use.
Key Details Exposed in the Breach
The potentially exposed information includes:
- Contract number
- Customer name (contract name)
- Name of customer contact
- Telephone number
- Email address
- Address
- Information related to service use
It is worth noting that the incident did not expose contracts for corporate smartphones and mobile phones provided directly by NTT Docomo.
Response and Mitigation Efforts
In response to the incident, NTT Com announced that it will enhance security measures, improve service quality, and promptly disclose updates while maintaining customer confidentiality. The company has also taken steps to notify affected customers and is working to prevent similar attacks in the future.
Previous Data Breach
This is not the first time NTT Com has faced a data breach. In May 2020, the company disclosed that it had suffered another breach, which impacted hundreds of customers. The incident occurred when threat actors breached an operational server and an information management server that stored customer information.
Security Experts Weigh in
Experts at NTT Com initially noticed suspicious activity on an Active Directory server, which led to the discovery of a larger breach. The internal investigation revealed that attackers had targeted a server in Singapore before using it for lateral movements and reaching the infrastructure in Japan.
Prevention Measures
In response to the incident, NTT Com has taken additional measures to prevent similar attacks in the future. These efforts include shutting down impacted servers to prevent malware from spreading and communicating with external servers.
The company has also announced plans to enhance security measures and improve service quality. This includes promptly disclosing updates while maintaining customer confidentiality.