The Circuitry
THE CIRCUITRYYour one-stop source for all tech news
HOMETODAYNEWSFEEDEVENTS
BOOKMARKS
RSS
© 2026 The Circuitry
About UsSourcesContactCorrectionsPrivacy
  • Today
  • Feed
  • Events
  • Saved
Scroll for more
Verification
VERIFIEDConfidence: HIGH
Source identified
Claims cross-referenced
No discrepancies found
Fact-check summary

The Japan Times, The Record, and multiple security outlets confirm KDDI's July 7 update on the 12.23M email addresses and 7.62M passwords exposed via the shared ISP platform breach discovered June 17.

Sourcing
4independent sources

via BleepingComputer

BleepingComputer · track record
61Stories
100%Verified
3730d
All sources →
Home/Tech/KDDI breach hits email platform used by five Japanese ISPs
VERIFIEDBy Xavier Rivera· ·2 min read

KDDI breach hits email platform used by five Japanese ISPs

KDDI disclosed that attackers breached an email platform used by five Japanese ISPs, exposing email addresses of 12,233,087 people and passwords of 7,616,173 others via a zero-day vulnerability first exploited on May 16. The company is forcing password changes and has deployed new detection tools after notifying regulators, with no confirmed secondary damage reported.

Source:BleepingComputer
Post
KDDI breach hits email platform used by five Japanese ISPs
TL;DRAI · 60 sec read

KDDI reports attackers breached an email platform shared by five Japanese ISPs using a zero-day vulnerability. The May intrusion exposed 12.2 million email addresses and 7.6 million passwords before discovery on June 17. The company forces password changes on all affected accounts to prevent misuse of the data.

Japanese telecommunications company KDDI disclosed that attackers broke into an email platform shared by five domestic internet providers, exposing the addresses of 12,233,087 individuals along with the passwords of 7,616,173 others.

KDDI discovered the breach on June 17 after attackers exploited a zero-day vulnerability. The firm cut off the intruders the same day, rolled out protective steps, and first went public with the matter last month. A July 6 update established that the intrusion started on May 16 through an unrecognized flaw in third-party software.

"As a result of our investigation, as of June 17, 2026, the date of our confirmation, this vulnerability was not recognized by the software vendor," KDDI said. "The software vendor has reported this vulnerability to public authorities and is working toward disclosing the information." A forensic review completed on June 23 verified that the exploited flaw had been fixed and that no additional problems existed in the environment. The operator has since installed Endpoint Detection and Response tools to catch future intrusion attempts.
From The CircuitryThe Feed — live briefs across tech, all day.See what’s happening →
The breach affected customers of five ISPs including STNet, JCOM, Chubu Telecommunications, NIFTY Corporation, and BIGLOBE. KDDI, the second-largest mobile carrier in Japan with 45,000 employees and annual revenue of $32.4 billion, initially reported that as many as 14.22 million current and former users plus dormant accounts could be involved. Confirmed numbers show email addresses for more than 12.2 million people and passwords for roughly 7.6 million.

Some of the exposed credentials had been kept in hashed or encrypted format, although the company gave no breakdown of how many remained in plain text or which encryption method was applied. KDDI has informed Japan's Personal Information Protection Commission and the Ministry of Internal Affairs and Communications. No confirmed follow-on misuse has surfaced.
KDDI is now forcing password changes across affected accounts within one or two days. Many frequent users have already reset their credentials, while the firm is coordinating with the partner ISPs to enforce mandatory updates for infrequent users within the next day or two.
Why this mattersAI · ~100 words

Tap a lens to see what this story means for you.

Reader-supported
DonateBuy me a coffee →Follow@thecircuitry_ →Follow@thecircuitry.to →

Reader-supported · Daily Brief

Daily brief at 7 AM ET. Top tech stories, every morning. Sourced and fact-checked.

HELP US IMPROVE
From The Circuitry

See what’s happening right now

The Feed runs all day — short, verified briefs the moment they break.

Open the Feed →
From The Circuitry

Follow @thecircuitry_

Every story we publish, as it happens. No noise between.

Follow on X ↗On Bluesky ↗

Reader-supported

The Circuitry is a passion project I've always wanted to build, and I love the work behind it.

Running it costs real money. APIs, hosting, time. To keep improving the site and growing this into something useful for everyone, those costs have to be covered.

Any contribution is appreciated. If not, no pressure. Thanks for reading.

Buy me a coffee
data-breachcybersecurityKDDI
More fromBleepingComputer
  • CISA tells federal agencies to fix actively exploited Langflow IDOR flaw by Friday

    Tech · 1h
  • Accenture confirms breach after hacker offers 35 GB of stolen data

    Tech · 15h
  • Attackers exploit max-severity Adobe ColdFusion flaw

    Tech · 2d
More inTech
  • Telstra outage disrupts emergency calls, trains and payments

    Tech · 31m
  • Blue Origin reportedly raising up to $10B in first private capital round

    Tech · 44m
  • CISA tells federal agencies to fix actively exploited Langflow IDOR flaw by Friday

    Tech · 1h
SupportThe Work

The Circuitry is reader-supported. If you find the daily brief useful, you can buy me a coffee to keep it going.

Buy a coffee →
SubscribeCircuitry Brief

Daily brief at 7 AM ET. Top tech stories, every morning.

MORE IN TECH

Telstra outage disrupts emergency calls, trains and payments

A software defect at Telstra on July 8, 2026 caused emergency calls to fail, halted regional trains in Victoria and disrupted payments for 80,000 businesses. The outage highlights vulnerabilities in critical national infrastructure that rely on a single telco provider.

Blue Origin reportedly raising up to $10B in first private capital round

Blue Origin is reportedly raising up to $10 billion in its first private capital round at a $130 billion valuation, with Coatue Management reported to lead participation from institutional investors and Jeff Bezos. The move ends the company's near-total reliance on Bezos' personal funding as it races to scale ambitious launch, lunar, and satellite constellation projects against SpaceX.

CISA tells federal agencies to fix actively exploited Langflow IDOR flaw by Friday

CISA directed federal agencies to patch the actively exploited CVE-2026-55255 authorization bypass in Langflow by Friday after adding it to the Known Exploited Vulnerabilities catalog. The IDOR flaw lets authenticated attackers reach other users' AI agent flows, sensitive data, and resources, with exploitation observed targeting compute power and credentials.