NTT Communications Confirms Hackers Breached Data of Nearly 18,000 Corporate Clients in February Cyberattack
In February 2025, NTT Communications (NTT Com), one of Japan’s leading telecommunications companies, experienced a significant cyberattack that exposed sensitive data from nearly 18,000 corporate customers. This attack is part of a worrying trend of rising cybercrime targeting telecom giants worldwide. Below, we explore further details about the incident, its impact, and the broader implications for the cybersecurity landscape.
Table of Contents
The Breach: What Happened?
NTT Com revealed the breach on February 5, 2025, after discovering that hackers had gained unauthorized access to an internal system used to manage service orders. This system housed valuable data related to corporate customers, including personal contact details, service contracts, and usage statistics.
According to the telecom giant, the attackers accessed the following types of sensitive information from 17,891 organizations:
- Customer Names: Identifying information of businesses using NTT Com’s services.
- Contract Numbers: Unique identifiers linked to each corporate service agreement.
- Phone Numbers and Email Addresses: Contact details of key individuals within affected organizations.
- Physical Addresses: Locations of businesses, which may aid hackers in planning further attacks.
- Service Usage Information: Insights into how companies were utilizing NTT Com’s services, potentially useful for future targeted cyberattacks.
NTT Com has yet to confirm how many individual employees’ personal information was accessed during the breach. The company has not provided any information on whether this data was misused, though the exposure of such details remains a significant concern for affected parties.
Timeline of Discovery and Response
NTT Com’s immediate response to the breach was swift. Upon detecting unauthorized access, the company restricted the compromised device and started investigating the extent of the breach. However, on February 15, 2025, NTT Com discovered that the attackers had infiltrated a second internal device, leading the company to disconnect it immediately.
Despite the prompt action taken by NTT Com, the delay in uncovering the full scale of the breach raises concerns about the effectiveness of its internal security protocols. Furthermore, the lack of transparency regarding the breach’s full impact has left customers in the dark about whether their personal or business data was specifically targeted.
The Impact: Affected Organizations and Individuals
NTT Com has not yet named the organizations that were affected by the data breach. However, given that the company serves over 100,000 corporate customers across 70 countries, it is likely that many large international firms may have been impacted. These businesses span various sectors, including finance, healthcare, technology, and government, making the stolen data highly valuable.
While the company has not disclosed how many individuals’ data was affected, the exposure of contact details and service information could lead to identity theft, phishing attacks, and other types of cybercrimes. Additionally, the stolen data could also be exploited by cybercriminals to infiltrate corporate networks, posing an even greater threat to businesses worldwide.
The Cyberattackers: Who Is Behind the Breach?
NTT Com has not revealed the identity of the hackers behind the February breach. However, it is important to note that telecommunications companies like NTT Com have become prime targets for cybercriminals, including ransomware groups and state-sponsored actors.
In recent years, telecom providers have faced increasingly sophisticated attacks. In September 2024, the China-linked “Salt Typhoon” hacking group was found to have breached several U.S. phone and internet giants to access sensitive communications from senior U.S. government officials. The Salt Typhoon group, which continues to target telecom networks, exemplifies the growing threat of state-sponsored cyberattacks on critical infrastructure.
Another possible threat comes from financially motivated cybercriminals who often target telecom companies for their vast repositories of phone records and service data. These records can be valuable for planning future attacks, including social engineering scams and fraud.
Broader Implications for Cybersecurity
The breach at NTT Com underscores the growing importance of securing telecom infrastructure. As one of the most essential service providers globally, telecom companies hold vast amounts of personal and corporate data, making them prime targets for attackers.
This breach also highlights the need for companies to prioritize cybersecurity and implement robust measures to protect sensitive data. It is essential that organizations invest in advanced threat detection systems, regular security audits, and employee training to minimize the risk of future cyberattacks. Moreover, businesses must be prepared to respond quickly and transparently if a breach occurs, ensuring they protect their customers’ data and maintain trust.
Global Impact on Telecom Security
Telecom companies around the world are increasingly in the crosshairs of cybercriminals and nation-state hackers. This attack is a part of a broader trend where cyberattacks are becoming more sophisticated and widespread. The rise of ransomware and espionage-driven attacks on telecom networks shows that hackers are not just after financial data but also sensitive political, military, and government communications.
As a result, telecom giants must reassess their cybersecurity strategies, particularly as the industry faces greater threats in the future. The NTT Com breach is a stark reminder that no organization is immune to cyber threats, regardless of size or reputation.
What’s Next for NTT Com?
NTT Com has pledged to enhance its security protocols to prevent future breaches. While the company has not shared details on specific measures, it is likely that more advanced encryption, multi-factor authentication, and increased monitoring of internal systems will be part of their response strategy.
The company also faces the task of communicating transparently with affected customers, detailing the full scope of the breach and offering solutions such as credit monitoring or identity protection for individuals impacted by the attack.
Conclusion: The Growing Threat to Telecom
The NTT Com breach is a wake-up call for telecom providers worldwide, signaling the growing risks posed by cyberattacks. As businesses and governments continue to rely on telecom infrastructure for critical services, the stakes for maintaining robust cybersecurity have never been higher. This breach also reinforces the need for organizations to adopt comprehensive cybersecurity strategies, safeguard sensitive data, and prepare for the inevitable rise in cyber threats.
The full extent of the breach and its long-term consequences are yet to be seen, but it is clear that NTT Com, its customers, and the wider telecom industry will need to invest heavily in cybersecurity to prevent future incidents. For now, all eyes are on the company’s next steps and how it will address the trust issues raised by this significant security incident.
NTT Communications (NTT Com), a major Japanese telecom provider, has confirmed that hackers accessed sensitive data from nearly 18,000 corporate customers during a cyberattack in February, potentially exposing an unknown number of individuals.
The Tokyo-based telecom giant, known for offering phone and network technology to businesses, revealed the breach on February 5 after discovering unauthorized access to an internal system managing service orders.
Stolen data includes customer names, contract numbers, phone numbers, email addresses, physical addresses, and service usage details from 17,891 organizations. However, NTT Com has not disclosed how many individuals’ personal information was compromised, nor has it named the affected companies. The company serves over 100,000 corporate clients in 70 countries globally.
NTT Com took immediate action after detecting the breach, restricting access to the compromised system. However, a follow-up investigation on February 15 revealed that hackers had also accessed another internal device, which was swiftly disconnected. The telecom provider has not identified the attackers or the specifics of the cyberattack, and no major ransomware groups have claimed responsibility yet.
Telecommunications companies like NTT Com have become frequent targets for cybercriminals and state-sponsored hackers. In September 2024, the China-linked “Salt Typhoon” group breached U.S. telecom giants to access sensitive communications from senior U.S. government officials. These attacks reflect the growing trend of cybercriminals targeting telecom networks, including phone records, which can fuel additional cyberattacks.
