Japanese telecom giant NTT Communications (NTT Com) has confirmed that hackers accessed the data of almost 18,000 corporate customers during a February cyberattack, affecting an as-yet-unknown number of individuals.

The Tokyo-based NTT Com, which provides phone and network tech to enterprises, said it discovered the data breach on February 5 after determining that the hackers had gained “unauthorized access” to an internal system used for managing service orders. 

The stolen data includes customer names, contract numbers, phone numbers, email addresses, physical addresses, and information on service usage belonging to 17,891 organizations, according to NTT Com. 

NTT Com has not yet said how many individual employees of the affected organizations had personal information taken in the breach, nor has the company shared any details about the companies that had data stolen. NTT Com has more than 100,000 corporate customers in 70 countries around the world, according to its website.

NTT Com did not immediately respond to TechCrunch’s questions outside of its working hours.

After detecting the breach, NTT Com said it “immediately restricted access” to the compromised device within its internal systems. However, the company said it discovered on February 15 that the attackers had compromised another device in its internal network, which the company says was “promptly disconnected.”

It’s not yet known who was behind the February breach, and the specific nature of the cyberattack remains unknown. The cyberattack on NTT Com has not yet been claimed by any major ransomware group.

Telecom organizations have become a major focus for cybercriminal and nation-backed hackers in recent years. 

In September 2024, it was revealed that the China-linked “Salt Typhoon” hacking group had breached several U.S. phone and internet giants to gain access to the private communications of senior U.S. government officials. Salt Typhoon continues to target telecommunications providers, according to a recent report. 

Cybercriminals are also known to target the banks of phone records stored by telco giants, which can be used for further cyberattacks.

Were you notified about the NTT Com data breach? We’d love to hear from you. From a non-work device, you can contact Carly Page securely on Signal at +44 1536 853968 or via email at carly.page@techcrunch.com. You can also contact TechCrunch via SecureDrop.