KDDI , a major Japanese telecommunications company, confirmed that a June data breach affected over 12 million individuals. The breach, which occurred on June 17, involved unauthorized access to an email infrastructure used by five ISPs. A zero-day vulnerability was exploited, compromising the email addresses of 12.2 million users and the passwords of 7.6 million.
KDDI has initiated password resets for affected users, evicted the hackers from its systems, and is working to ensure there are no further vulnerabilities within the software. The company is also collaborating with ISPs to enhance security.