NTT Com Data Breach: 18,000 Organizations Affected

NTT Communications Data Breach Affects Thousands of Customers

NTT Communications (NTT Com), a leading Japanese telecommunications company, has verified a cybersecurity incident. The breach resulted in unauthorized access to the data of approximately 18,000 business clients during a February attack.

Details of the Incident

The Tokyo-based NTT Com, a provider of network and phone technologies for businesses, initially identified the data breach on February 5th. Investigations revealed hackers had obtained “unauthorized access” to a system utilized for managing service requests.

According to NTT Com, the compromised data encompasses customer names, contract identifiers, phone numbers, email addresses, physical locations, and details regarding service utilization for 17,891 organizations.

Scope of the Data Compromise

Currently, NTT Com has not disclosed the number of individual employees whose personal information was potentially exposed. Furthermore, the company has not yet released a list of the organizations impacted by the data theft.

NTT Com serves over 100,000 corporate customers across 70 countries globally, as stated on their official website.

Response and Containment Measures

Upon detection of the breach, NTT Com stated that access to the affected system was “immediately restricted” within their internal infrastructure.

However, on February 15th, the company discovered a compromise of another device on its internal network. This device was subsequently “promptly disconnected” to limit further damage.

Ongoing Investigation

The identity of the perpetrators behind the February breach remains unknown. The specific methods employed in the cyberattack are also still under investigation.

As of now, no prominent ransomware group has claimed responsibility for the attack on NTT Com.

Telecoms as a Target

Telecommunications organizations have increasingly become prime targets for both cybercriminals and state-sponsored hackers in recent years.

In September 2024, reports surfaced indicating that the China-affiliated “Salt Typhoon” hacking group had infiltrated several major U.S. phone and internet providers. Their objective was to access the private communications of high-ranking U.S. government officials.

Recent intelligence suggests that Salt Typhoon continues to focus its efforts on telecommunications companies.

Exploitation of Phone Records

Cybercriminals frequently target the databases of phone records maintained by telecom giants. This data can be leveraged to facilitate further malicious cyber activities.

Contact Information

If you were notified regarding the NTT Com data breach, we encourage you to reach out. You can securely contact Carly Page on Signal at +44 1536 853968 or via email at carly.page@techcrunch.com. Alternatively, you can contact TechCrunch through SecureDrop.