Japan: Over 14 Million Login Credentials Leaked From Six ISPs in Major Breach
Japanese telecom KDDI disclosed a breach exposing 14 million ISP customer credentials.
Aditya Raj
July 2, 2026 · 1 min read
KDDI disclosed a breach of 14 million ISP customer credentials, one of Japan's largest data breaches, prompting a government investigation.
Japanese telecommunications giant KDDI has disclosed a data breach that exposed over 14 million login credentials across six internet service providers. The breach is one of the largest in Japan's history and has prompted a government investigation.
Warning
Affected users should immediately change passwords for all accounts, enable multi-factor authentication, and monitor financial statements for unauthorized activity.
The compromised data includes usernames, hashed passwords, email addresses, and in some cases, billing details. KDDI has stated that the breach originated from unauthorized access to a third-party system used for customer management. The Japanese Ministry of Internal Affairs and Communications has launched an investigation into KDDI's security practices and is considering new regulations for ISP data protection.
Cybersecurity experts note that the use of legacy systems may have contributed to the vulnerability. KDDI is offering free credit monitoring to affected customers.
Key Takeaways
- 1 14 million credentials leaked from six Japanese ISPs via KDDI
- 2 Breach includes usernames, hashed passwords, and billing details
- 3 Third-party system vulnerability was the entry point
- 4 Japanese government has launched an investigation
Frequently Asked Questions
How many credentials were leaked?
Over 14 million
Who was the affected company?
KDDI, a Japanese telecom giant
What data was compromised?
Usernames, hashed passwords, email addresses, billing details
SOURCES
TOPICS
Stay Ahead with TECHRADAR360
Get the latest tech news delivered to your inbox every morning.