NTT Communications, a prominent Japanese telecommunications company, has confirmed a cyberattack in February that resulted in unauthorized access to the data of nearly 18,000 corporate customers, with an undetermined number of individuals affected.

Headquartered in Tokyo, NTT Com provides network and phone technology to enterprises and discovered the breach on February 5. The company found that hackers had gained unauthorized access to an internal system used for managing service orders.

According to NTT Com, the stolen data includes customer names, contract numbers, phone numbers, email addresses, physical addresses, and service usage information of 17,891 organizations.

The company has not disclosed the number of individual employees whose personal information was compromised in the breach. Additionally, NTT Com has not shared details about the affected companies. With over 100,000 corporate customers in 70 countries worldwide, as stated on its website, the extent of the breach remains to be fully determined.

NTT Com did not respond to TechCrunch’s inquiries outside of its working hours, providing no additional information beyond its initial statement.

Upon detecting the breach, NTT Com immediately restricted access to the compromised device within its internal systems. However, on February 15, the company discovered that the attackers had compromised another device, which was promptly disconnected.

The identity of the perpetrators and the nature of the cyberattack are still unknown. The breach has not been claimed by any major ransomware group, leaving the circumstances surrounding the attack unclear.

In recent years, telecom organizations have become a primary target for both cybercriminals and nation-backed hackers, posing significant risks to their security.

A notable example is the China-linked “Salt Typhoon” hacking group, which breached several U.S. phone and internet giants in September 2024 to access the private communications of senior U.S. government officials. According to a recent report, Salt Typhoon continues to target telecommunications providers.

Cybercriminals also target the large databases of phone records stored by telecom giants, which can be used to facilitate further cyberattacks, as seen in cases where individuals have been known to breach these systems.

If you were notified about the NTT Com data breach, we would like to hear from you. You can contact Carly Page securely via Signal at +44 1536 853968 or by email at carly.page@techcrunch.com. Alternatively, you can reach out to TechCrunch through SecureDrop.