Japanese telecom giant NTT Communications (NTT Com) has confirmed that hackers accessed the data of almost 18,000 corporate customers during a February cyberattack, affecting an as-yet-unknown number of individuals. The breach, which was detected on February 5, exposed sensitive customer information including names, contract numbers, phone numbers, email addresses, physical addresses, and service usage details.

The cyberattack, which is still under investigation, targeted an internal system used for managing service orders. NTT Com, which provides phone and network technology to enterprises, has over 100,000 corporate customers in 70 countries worldwide. While the company has disclosed the number of affected organizations, it has not yet revealed how many individual employees had their personal information compromised.

In response to the breach, NTT Com claims to have "immediately restricted access" to the compromised device within its internal systems. However, the company later discovered that the attackers had compromised another device in its internal network on February 15, which was promptly disconnected. The identity of the attackers and the specific nature of the cyberattack remain unknown, and no major ransomware group has claimed responsibility.

The cyberattack on NTT Com highlights the growing threat faced by telecom organizations, which have become a prime target for cybercriminals and nation-backed hackers in recent years. In September 2024, it was revealed that the China-linked "Salt Typhoon" hacking group had breached several U.S. phone and internet giants to gain access to the private communications of senior U.S. government officials. Salt Typhoon continues to target telecommunications providers, according to a recent report.

The breach also underscores the importance of securing sensitive customer data, particularly in the telecom industry where vast amounts of personal information are stored. Cybercriminals often target the banks of phone records stored by telco giants, which can be used for further cyberattacks. As the telecom industry continues to grapple with these emerging threats, it remains to be seen how NTT Com will respond to this breach and what measures it will take to prevent similar incidents in the future.

The incident serves as a stark reminder of the need for robust cybersecurity measures and incident response plans in the telecom industry. With the increasing reliance on digital communication, the stakes have never been higher. As the investigation into the NTT Com breach continues, the tech community will be watching closely to see what lessons can be learned from this incident and how it will impact the industry's approach to cybersecurity.