The major Japanese telecommunications provider, NTT Communications Corporation, has announced a cybersecurity incident impacting nearly 18,000 corporate customers. The breach was discovered on 5th February 2025 and involved unauthorized access to the company’s “Order Information Distribution System,” which contained data related to corporate customers or business clients. The company updated that the compromised data consists of customer names, contract numbers, representative names, phone numbers, email addresses, physical addresses, and service usage information. However, the company has also stated that the breach did not affect personal customer data or contracts for corporate smartphones and mobile phones provided by NTT Docomo.
The breach was detected by NTT on 5th February, after which they swiftly blocked the attackers’ initial access by the following day. However, upon further investigation, it was revealed that the threat actors had moved to another device within their network, which was subsequently disconnected on 15th February to prevent further lateral movement. The threat is believed to be fully contained now. A general public announcement has been issued on the company’s website. The company also stated that it would not be sending any personalized notifications to the affected customers. This decision comes amidst NTT’s ongoing challenges with cybersecurity.
This is not the first incident in which NTT was under the target of threat actors. As a major telecom provider, NTT faces constant threats of cyberattacks. In early January this year, the mobile services and payment platforms were impacted due to a DDoS attack resulting in a 12-hour service disruption. Also, in May 2020, customer information was illicitly obtained from NTT’s internal systems in a data breach. These incidents underscore the importance of robust cybersecurity measures in the telecommunications industries as the critical infrastructure sector remains a persistent vector for malicious activity by attackers.
