KDDI Cyberattack Exposes Up to 14 Million Email Addresses and Passwords

Japanese telecom KDDI confirms breach exposing millions of emails and unencrypted passwords, urging customers to update credentials immediately.

KDDI Cyberattack Exposes Up to 14 Million Email Addresses and Passwords
Sarah Collins

Sarah Collins

Computing Editor

Specializes in PCs, laptops, components, and productivity-focused computing tech.

What happened in the KDDI cyberattack?

KDDI, a major Japanese telecommunications provider, suffered a significant security breach in mid-2026 that compromised the email accounts of millions of users. Unauthorized access affected six ISPs under KDDI’s umbrella—including STNet, JCOM, and BIGLOBE—resulting in the exposure of up to 14.22 million email addresses and associated passwords. Notably, some passwords were stored unencrypted, heightening the severity of the compromise. The breach involves both active and dormant accounts, including former customers.

What are the risks and impacts for affected users?

KDDI Email System Data Breach Exposes Over 12 Million Credentials Across  Six Major Japanese ISPs – Rescana
KDDI Email System Data Breach Exposes Over 12 Million Credentials Across Six Major Japanese ISPs – Rescana

Exposure of unencrypted passwords alongside email addresses puts users at considerable risk of identity theft, account takeover, and phishing attacks. Attackers could potentially leverage these credentials to access other online services if users reused passwords—a common security pitfall. The inclusion of dormant and former accounts broadens the impact scope, affecting not only current users. The scale of millions of users makes this one of Japan’s largest telecom data breaches, with recovery efforts ongoing.

How is KDDI responding and what should users do?

Following discovery on June 17, KDDI launched coordinated efforts with its partner ISPs to notify affected users and implement countermeasures. Customers are strongly advised to promptly change their email account passwords and any other services where those credentials may have been reused. KDDI is also investigating the root cause and working to strengthen its security systems to prevent future incidents. Users should stay alert for phishing attempts and monitor accounts for suspicious activity.

What practical steps can users take now?

KDDI Telecom Data Breach Impacts Over 12 Million Users
KDDI Telecom Data Breach Impacts Over 12 Million Users
  • Immediately update passwords for affected email accounts using strong, unique passwords.
  • Enable two-factor authentication where available to add an extra layer of protection.
  • Check other online accounts for password reuse and change credentials accordingly.
  • Be vigilant against phishing emails impersonating the telecom or partner ISPs asking for sensitive information.
  • Monitor financial and personal accounts for unauthorized activity regularly.

The KDDI breach underscores the ongoing challenge large service providers face securing vast user data and highlights the importance of user vigilance and proactive security hygiene in mitigating the risks from such incidents.

React to this story

Related Posts