
KDDI Data Breach May Have Exposed Up to 14.22 Million Email Accounts
Japanese telecommunications company KDDI has disclosed a major cybersecurity incident in which up to 14.22 million email addresses and passwords may have been exposed through systems used by multiple internet service providers. The KDDI data breach has now become one of the most recent security events involving shared ISP infrastructure in Japan.
The company confirmed that the data breach at KDDI was detected on June 17, 2026, after unauthorized access was identified in an email system provided to ISP operators. KDDI said it immediately took steps to modify the affected system and deployed protective measures after identifying the entry point used by a threat actor.
KDDI Data Breach Li...