Japanese telecommunications company Nippon Telegraph & Telephone (NTT) has suffered a data breach that resulted in the leak of hundreds of client records from a subsidiary.
Ranked 55th in the Fortune Global 500, NTT is the fourth-largest telecommunications company in the world by revenue and the fifth largest publicly traded company in Japan.
The company disclosed a data breach this week, saying hackers breached several layers of its IT infrastructure – presumably originating from an NTT base in Singapore – and reached an internal Active Directory to steal data on 621 customers from communications subsidiary NTT Communications. The attackers then reportedly uploaded that data to a remote server in their control.
It is unclear if the customers are individual users or partner companies / service providers of NTT Communications. The hack occurred on May 7, and NTT said it only learned of it four days later, as reported by ZDNet’s Catalin Cimpanu.
NTT is apparently taking diligent steps to inform affected parties, as it just recently confirmed the intrusion. The firm also said it plans to notify all customers “when it becomes clear what should be notified.”
As the company investigates the hack, NTT is already upgrading its systems to harden its infrastructure. Ironically, the firm recently rolled out its 2020 Global Threat Intelligence Report with the reminder that “the threat landscape is continuously changing, especially during these tumultuous times.”
The report warns that Internet of Things (IoT) devices are increasingly used as entry points in cyber-attacks and recommends that “businesses strive to be both secure by design and cyber-resilient.”