Japanese IT services firm reveals hack affecting up to 621 corporate customers

Between cloud computing and other IT services, NTT Communications has a wealth of data for hackers to aim at.

Hackers earlier this month breached the computer systems of Japanese data-management company NTT Communications in an incident that could affect 621 clients, the company said Thursday.

NTT Communications, which powers data centers in more than 20 countries or regions, said the unidentified hackers had breached the company’s Active Directory server, a repository of network data, and used it as the focal point of their attack.

Four days after the breach began, NTT officials realized that data may be leaving their network. In a rare level of detail for a breach disclosure, the company said it had identified external websites the attackers were using to communicate with their malware and shut off those access points.

Between cloud computing and other IT services, NTT Communications has a wealth of data for hackers to aim at. It is one of several subsidiaries of NTT Group, a Fortune 100 tech giant with more than 303,000 employees.


NTT officials are in the process of notifying affected customers. The company said it is tightening up security and still investigating the incident.

NTT is not the only big Japanese company that has had to deal with a significant cybersecurity incident in recent months. Japanese officials are investigating a possible breach of sensitive defense contracting data following a cyberattack last year on Mitsubishi Electric.

ZDNet reported on the breach earlier Thursday.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts