[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-kddi-breach-leaks-14m-credentials-across-six-isps":10,"sections":35},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":24,"persona_id":22,"persona_name":22,"section":25,"tags":26,"sources":30,"feedback":34,"feedback_at":22,"cost_usd":34,"total_tokens":34},2397,"kddi-breach-leaks-14m-credentials-across-six-isps","KDDI Breach Leaks 14M Credentials Across Six ISPs","A third-party software flaw let hackers into KDDI's systems, exposing email and password data for millions of customers at six Japanese ISPs.","A vulnerability in third-party software handed hackers access to over 14 million login credentials spanning six Japanese internet service providers.\n\nKDDI Corporation disclosed the breach on June 29, 2026, saying it detected the intrusion on June 17 and moved to block access the same day. The attackers exploited a flaw in unnamed third-party software to reach a shared credential database. Five other ISPs — STNet, JCOM, Chubu Telecommunications, NIFTY, and BIGLOBE — were also caught in the blast radius. KDDI puts the potential exposure at 14.22 million current and former customers, though the company says some passwords were stored encrypted and may be out of reach for the attackers. It has not said how many.\n\nThe real danger here is not just the scale — it is the type of data exposed. Email-and-password pairs are credential-stuffing fuel: attackers run them against banks, shopping sites, and social platforms, betting that most people reuse passwords. Japan's ISP ecosystem sharing a common third-party software layer means a single unpatched dependency became a single point of failure across the country's broadband market.\n\nKDDI's investigation is still open, so the final count could shift. The company's admission that encryption coverage was partial — without quantifying it — is the kind of vague reassurance that tends to look worse as more details emerge.","[\"security\",\"data breach\",\"japan\",\"credentials\"]","2026-06-29T17:20:00.000Z","2026-06-29T18:00:04.197Z","2026-06-29T18:00:11.866Z","published",null,[],"https:\u002F\u002Fcdn.xyz.onl\u002Farticle-images\u002Fkddi-breach-leaks-14m-credentials-across-six-isps.webp","security",[25,27,28,29],"data breach","japan","credentials",[31],{"name":32,"url":33},"TechRadar","https:\u002F\u002Fwww.techradar.com\u002Fpro\u002Fsecurity\u002Fover-14-million-login-credentials-leaked-from-six-isps-in-major-data-breach-heres-what-we-know",0,{"sections":36},[37,42,46,51,56,61,66,71,76,81,86,90,95,100],{"name":38,"slug":39,"count":40,"latest_published_at":41},"AI","ai",2590,"2026-07-16T04:00:00.000Z",{"name":43,"slug":25,"count":44,"latest_published_at":45},"Security",294,"2026-07-15T19:59:48.000Z",{"name":47,"slug":48,"count":49,"latest_published_at":50},"Deals","deals",179,"2026-06-29T20:02:07.000Z",{"name":52,"slug":53,"count":54,"latest_published_at":55},"Policy","policy",158,"2026-07-16T00:02:48.000Z",{"name":57,"slug":58,"count":59,"latest_published_at":60},"Hardware","hardware",122,"2026-07-14T19:46:26.000Z",{"name":62,"slug":63,"count":64,"latest_published_at":65},"Consumer Tech","consumer-tech",93,"2026-07-13T13:20:48.000Z",{"name":67,"slug":68,"count":69,"latest_published_at":70},"Software","software",70,"2026-07-13T19:52:25.000Z",{"name":72,"slug":73,"count":74,"latest_published_at":75},"Science","science",66,"2026-07-10T10:29:37.000Z",{"name":77,"slug":78,"count":79,"latest_published_at":80},"Dev Tools","dev-tools",59,"2026-07-07T04:00:00.000Z",{"name":82,"slug":83,"count":84,"latest_published_at":85},"Gaming","gaming",41,"2026-07-09T04:00:00.000Z",{"name":87,"slug":88,"count":84,"latest_published_at":89},"Startups","startups","2026-06-29T20:55:50.000Z",{"name":91,"slug":92,"count":93,"latest_published_at":94},"General","general",29,"2026-07-10T22:28:58.000Z",{"name":96,"slug":97,"count":98,"latest_published_at":99},"Reviews","reviews",20,"2026-06-24T12:00:01.000Z",{"name":101,"slug":102,"count":103,"latest_published_at":104},"How-To","how-to",6,"2026-06-16T09:00:00.000Z"]