Telecom Giant NTT Admits Hackers Accessed 18,000 Corporate Customers Data


Mar 12, 2025 - 09:05

Japanese telecommunications conglomerate NTT Communications (NTT Com) disclosed this week that threat actors infiltrated its internal systems in February, compromising sensitive data belonging to 17,891 corporate clients globally. 

The breach, detected on February 5, marks the latest in a series of high-profile cyberattacks targeting critical telecommunications infrastructure worldwide.

According to telecom giant NTT Com, attackers gained unauthorized access to an internal system responsible for managing enterprise service orders, a platform critical for provisioning network solutions, IoT deployments, and cloud communications.

The compromised data includes organizational contract identifiers, executive contact details (names, email addresses, phone numbers), physical office locations, and granular service usage metrics. 

While the company confirmed the corporate impact, it has not yet disclosed how many individual employee records were exfiltrated, leaving affected organizations uncertain about downstream privacy risks.

Forensic investigators identified a two-stage intrusion pattern. Initial access to the service management system occurred via credential exploitation (MITRE ATT&CK T1078) on February 3, with lateral movement detected toward a secondary network device by February 15. 

NTT Com’s security team isolated both systems within hours of detection, but the delayed identification of the second breach suggests potential gaps in network segmentation (NIST SP 800-53 AC-4) and real-time anomaly detection.

Telecom Breach Raises Nation-State Espionage Concerns

The absence of ransomware payloads or public claims by major threat groups complicates attribution.

Cybersecurity analysts speculate the attack may align with nation-state tradecraft focused on intelligence gathering rather than financial extortion. 

This hypothesis gains significance given the breach’s proximity to the September 2024 revelations about “Salt Typhoon” (aka RedFoxtrot), a China-nexus advanced persistent threat (APT) group linked to intrusions at U.S. telecom giants. 

Salt Typhoon’s documented tactics include exploiting VPN vulnerabilities (CVE-2023-46805) and deploying custom web shells (MITRE ATT&CK T1505.003) to maintain persistence in telecom networks.

Telecommunications firms remain high-value targets due to their role as data custodians for cross-border communications and integration with government networks. 

A 2024 Mandiant report notes a 214% year-over-year increase in telecom-focused APT activity, primarily targeting call detail records (CDRs) and SS7/Diameter signaling protocols to enable surveillance or SIM swap attacks.

NTT Com’s Response and Industry Implications

NTT Com enacted its incident response playbook within 90 minutes of the initial breach detection, according to internal timelines shared with regulators. Measures included:

  • Revoking Active Directory permissions for compromised service accounts
  • Deploying network access control (NAC) rules to quarantine affected subnets
  • Initiating a global password reset for all enterprise customer portals

However, the company faces scrutiny over its 10-day gap in detecting the second compromised device—a lapse cybersecurity experts attribute to insufficient log aggregation and overreliance on perimeter defenses. 
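
The log-aggregation gap described above, as an added example that is not from NTT Com or the original article: a first-seen logon check that merges authentication events from several sources and flags a valid account succeeding on a host it has never used before. The log format, host names, account names and timestamps are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events, not data from the incident. Host and account
# names are hypothetical. Line format: "ISO-time host account result".
ORDER_SYSTEM_LOG = """\
2025-01-20T08:00:11 order-mgmt-01 svc-orders success
2025-01-27T08:00:09 order-mgmt-01 svc-orders success
2025-02-03T02:14:50 order-mgmt-01 svc-orders success
"""
NETWORK_DEVICE_LOG = """\
2025-01-22T10:30:00 net-dev-07 netadmin success
2025-02-04T03:02:41 net-dev-07 svc-orders failure
2025-02-04T03:05:17 net-dev-07 svc-orders success
"""

def parse(text):
    """Parse one log source into (time, host, account, result) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, host, account, result = line.split()
        events.append((datetime.fromisoformat(ts), host, account, result))
    return events

def first_seen_logons(sources, baseline_end):
    """Merge every source into one timeline, learn which hosts each account
    uses, and return successful logons after baseline_end to a new host."""
    merged = sorted(e for src in sources for e in parse(src))
    known = defaultdict(set)  # account -> hosts it has logged on to
    alerts = []
    for ts, host, account, result in merged:
        if result != "success":
            continue
        seen = known[account]
        # Alert only when the account has history elsewhere; brand-new
        # accounts are assumed to be covered by a separate rule.
        if ts > baseline_end and seen and host not in seen:
            alerts.append((ts.isoformat(), account, host, sorted(seen)))
        seen.add(host)
    return alerts

if __name__ == "__main__":
    cutoff = datetime(2025, 2, 1)
    for alert in first_seen_logons([ORDER_SYSTEM_LOG, NETWORK_DEVICE_LOG], cutoff):
        print("first-seen logon:", alert)
```

Run against either log alone, the check returns nothing: the account has no history in the device's own log, and its logon to its usual host looks routine. Only the merged timeline shows the account moving to a second system.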

Cybersecurity firms advocate immediate adoption of 3GPP’s 5G Security Assurance Specifications (SCAS) to harden network functions virtualization (NFV) environments. Additional priorities include:

  • Implementing FIDO2/phishing-resistant MFA for all administrative access
  • Deploying encrypted traffic analysis (ETA) solutions to detect lateral movement
  • Conducting red team exercises simulating APT campaigns like STORM-0558 or UNC4841

As of publication, NTT Com continues working with the Japanese National Center of Incident Readiness and Strategy for Cybersecurity (NISC) to investigate the breach’s full scope. 

The company has established a dedicated portal for customer inquiries but has not committed to third-party credit monitoring for affected individuals.

The telecom sector faces an imminent threat as Salt Typhoon and similar organizations increase their attacks: operators must adapt quickly or risk becoming a permanent gateway for global cyberespionage operations.


The post Telecom Giant NTT Admits Hackers Accessed 18,000 Corporate Customers Data appeared first on Cyber Security News.