Japan: Over 14 Million Login Credentials Leaked From Six ISPs in Major Breach
Japanese telecom KDDI disclosed a breach exposing 14 million ISP customer credentials.
AR
Aditya Raj
July 2, 2026
AI Summary
KDDI disclosed a breach of 14 million ISP customer credentials, one of Japan's largest data breaches, prompting a government investigation.
Japanese telecommunications giant KDDI has disclosed a data breach that exposed over 14 million login credentials across six internet service providers. The breach is one of the largest in Japan's history and has prompted a government investigation.
The KDDI breach compromised data from 14 million ISP customers
The compromised data includes usernames, hashed passwords, email addresses, and in some cases, billing details. KDDI has stated that the breach originated from unauthorized access to a third-party system used for customer management. The Japanese Ministry of Internal Affairs and Communications has launched an investigation into KDDI's security practices and is considering new regulations for ISP data protection.
Cybersecurity experts note that the use of legacy systems may have contributed to the vulnerability. KDDI is offering free credit monitoring to affected customers.
Advertisement
Key Takeaways
114 million credentials leaked from six Japanese ISPs via KDDI
2Breach includes usernames, hashed passwords, and billing details
3Third-party system vulnerability was the entry point
4Japanese government has launched an investigation