Japanese
Telecoms Giant NTT Suffers Data Breach, Takes Four Days to Learn of Intrusion
Japanese
telecommunications company Nippon Telegraph & Telephone (NTT) has suffered
a data breach that resulted in the leak of hundreds of client records from a subsidiary.
Ranked 55th
in the Fortune Global 500, NTT is the fourth-largest telecommunications company
in the world by revenue and the fifth largest publicly traded company in Japan.
The company
disclosed a data breach this week, saying hackers breached several layers of
its IT infrastructure – presumably originating from an NTT base in Singapore –
and reached an internal Active Directory to steal data on 621 customers from
communications subsidiary NTT Communications. The attackers then reportedly uploaded
that data to a remote server in their control.
It is unclear if the customers are individual users or partner companies / service providers of NTT Communications. The hack occurred on May 7, and NTT said it only learned of it four days later, as reported by ZDNet’s Catalin Cimpanu.
NTT is
apparently taking diligent steps to inform affected parties, as it just
recently confirmed the intrusion. The firm also said it plans to notify all
customers “when it becomes clear what should be notified.”
As the
company investigates the hack, NTT is already upgrading its systems to harden
its infrastructure. Ironically, the firm recently rolled out its 2020 Global
Threat Intelligence Report with the reminder that “the threat landscape is
continuously changing, especially during these tumultuous times.”
The report warns that Internet of Things (IoT) devices are increasingly used as entry points in cyber-attacks and recommends that “businesses strive to be both secure by design and cyber-resilient.”