# KDDI Data Breach Exposes 14.22 Million Email Accounts Across 6 Japanese ISPs

_Tuesday, June 30, 2026 at 5:09 PM EDT · Cybersecurity · Latest · Tier 2 — Notable_

![KDDI Data Breach Exposes 14.22 Million Email Accounts Across 6 Japanese ISPs — Primary](https://thecyberexpress.com/wp-content/uploads/KDDI-data-breach.webp)

TOKYO -- Japanese telecommunications company KDDI disclosed that a breach of its ISP email platform may have exposed up to 14.22 million email addresses and passwords. The unauthorized access was detected on June 17, 2026, in an email system KDDI provides to internet service providers. Six ISPs were affected: STNet, KDDI Web Communications, JCOM, Chubu Telecommunications, Nifty, and Biglobe. Affected services include Pikara Hikari Service, Pikara Mobile Service, Oshigoto Pikara Service, CPI rental server email services, J:COM NET, Commufa Hikari, Business Commufa, @nifty Mail, and BIGLOBE Mail. KDDI's investigation found that a threat actor exploited vulnerabilities in third-party software integrated into the email system. The compromised data includes email addresses and passwords. Some passwords were stored in hashed or encrypted form. KDDI said the 14.22 million figure is a worst-case estimate that includes inactive accounts and accounts that had been closed. KDDI said it immediately modified the affected system and deployed protective measures. The company has been contacting affected providers since June 17 and is urging users to change passwords. KDDI said it is cooperating with Japan's Personal Information Protection Commission and the Ministry of Internal Affairs and Communications.

## Sources

- [The Cyber Express](https://thecyberexpress.com/kddi-data-breach-14-million-email-leak-2026/)
- [TechTimes](https://www.techtimes.com/articles/319261/20260629/kddi-data-breach-exposes-142-million-logins-shared-infrastructure-flaw-hits-six-isps.htm)

---
Canonical: https://techandbusiness.org/newswire/YN72UdJpPKjczYk6Q4lSvW
Retrieved: 2026-07-01T00:32:13.445Z
Publisher: Tech & Business (techandbusiness.org)
