NTT Communications Corporation (NTT) warns that a data breach exposed the details of nearly 18,000 corporate customers after hackers gained access to its systems.
Ranked 55th in the Fortune Global 500, Tokyo-based NTT is the world’s fourth-largest telecommunications company with over $100 billion in annual revenue. It provides phone and network services to over 100,000 global enterprise clients in over 190 countries and regions.
On February 5, 2025, NTT said it discovered that an authorized entity had illegally gained access to its internal computer systems.
“On February 5th, our Information Security Department identified a suspicious log in a communication to the device A within our internal Order Information Distribution System,” the company said in an online statement.
The telecom giant responded by implementing preliminary security measures to limit the threat actor’s access and launching an investigation that determined unauthorized data access.
NTT data breach impacts 17,891 corporate customers
On February 6, the telecom giant determined that the threat actor had breached the ‘Order Information Distribution System’ and accessed data belonging to 17,891 corporate customers. However, no personal information was compromised during the cybersecurity incident.
“We subsequently commenced a detailed investigation, analyzing the communication logs between the device in question and adjacent systems, as a result of which on February 6th we discovered that certain information might have been leaked from the Order Information Distribution System.”
Details leaked included the corporate customers’ registered contract name, their representative’s name, contact number, phone number, email address, physical address, and service usage information.
Subsequently, NTT moved swiftly to block the threat actor’s access, a day after discovering the data breach. However, the telecom giant determined on February 15 that the attacker had pivoted to another device on the corporate network, which was “promptly disconnected” to prevent lateral movement.
Currently, NTT believes that the data breach was successfully resolved and the threat actor’s access was terminated. The telecom giant also said it was in the process of notifying corporate customers impacted by the data breach and believes that the compromised information has not been misused.
“We are currently in the process of contacting customers whose order data may have been accessible as a result of this unauthorized access. At this time, there is no evidence of any unauthorized usage of such information,” NTT said.
Nonetheless, the telecom giant has also not disclosed the identity of the corporate customers affected by the data breach. The nature of the cyber attack also remains undisclosed as is the threat actor’s identity. Similarly, no cybercrime gang has taken responsibility for the NTT data breach.
Meanwhile, NTT said it was working to strengthen its cyber defenses to prevent similar cybersecurity incidents in the future and to enhance the quality of its services.
“We will continue to further strengthen security measures and monitoring systems to prevent recurrence and further improve the quality of our services,” the company stated.
Telecom companies under cyber threat
Nonetheless, NTT Communications Corporation has suffered cyber attacks in the past. On January 2, 2025, a distributed denial of service (DDoS) attack disrupted the telecom giant for 12 hours, disrupting various services.
In May 2020, NTT also suffered a data breach that allowed unauthorized entities to access the information of 621 corporate customers after breaching its infrastructure layers and compromising the company’s Active Directory.
Telecom companies, which are part of a country’s critical infrastructure, are lucrative targets for cyber attacks, including by state-sponsored threat actors. Various U.S. telecom giants including AT&T, Verizon, and T-Mobile have suffered numerous cyber attacks in the past few years.
In January 2025, an AT&T data breach exposed the FBI’s call logs, putting the identities of the federal law enforcement agency’s informants and agents at risk.
In February 2024, Verizon disclosed a data breach involving an insider threat that exposed the personal information of 63,206 employees. In October 2022, Verizon also suffered a cyber attack that allowed threat actors to swap sim cards of prepaid customers.
Similarly, American telecom giant T-Mobile also suffered a Lapsus$ cyber attack in April 2022, leaking the company’s source code.
