NTT Communications (NTT Com), a subsidiary of the tech giant NTT Corp, disclosed a data breach that impacted hundreds of customers.
NTT Com provides network management, security and solution services to consumers, corporations and governments.
The company launched an investigation after discovering unauthorized access to some systems on May 7, then this week it confirmed that threat actors may have been stolen.
“NTT Communications (hereafter NTT Com) detected an unauthorized access to our equipment that has been made by an attacker on May 7, and the possibility that some information may have leaked to the outside was confirmed on May 11.” reads the data breach notification.
Experts at NTT Com initially noticed suspicious activity on an Active Directory server, then they discovered that threat actors have breached an operational server and an information management server that stored customer information.
The internal investigation revealed that attackers initially targeted a server in Singapore, then used it for lateral movements and reach the infrastructure in Japan.
In response to the incident, the company shut down impacted servers to avoid the malware from spreading and communicating with external servers.
According to NTT, the security breach could impact 621 companies whose information was stored on the information management server.
The company announced that it has taken additional measures to prevent similar attacks in the future.
(SecurityAffairs – NTT, hacking)