NTT Communications, a Japanese telecommunications company, discovered unauthorized access to its systems on February 5, 2025, which led to a significant data breach. The breach targeted the Order Information Distribution System, responsible for managing service activations and modifications. As a result, the personal data of 17,891 corporate customers was potentially exposed, including sensitive information like company names, contract numbers, contact details, service usage, and email addresses. However, personal customer data was confirmed to be unaffected by the breach, easing concerns about wider implications for individuals.
Upon discovering the unauthorized access, NTT Communications took immediate action to address the issue, limiting access to the compromised systems.
By February 6, the company confirmed that some corporate customer data had been leaked. Despite this, NTT quickly implemented measures to halt the attack and prevent further data loss. The company further isolated the compromised devices on February 15, cutting off their connection to the internal network and ensuring no further unauthorized access could occur.
NTT Communications has been proactive in contacting affected customers and informing them about the breach. They clarified that electronic communication was not used to notify clients about the incident and instead relied on direct contact through their sales representatives. Despite the breach, there have been no confirmed reports of the exposed data being misused or exploited, and NTT emphasized that it has taken steps to mitigate any further risks to its network and services.
The company also acknowledged the inconvenience caused to affected customers and expressed sincere apologies for the disruption.
In response to the breach, NTT Communications has committed to strengthening its security protocols and monitoring systems to prevent future incidents. While the company has not disclosed the identity of the attackers, it has assured that it will continue to improve its security measures. NTT also pledged to provide updates to customers if any new information or developments arise, reinforcing its commitment to protecting the data and interests of its corporate clientele. The company has indicated that it will continue to work toward enhancing its overall security framework to safeguard against potential threats in the future.
Reference:
