Fortune 500 company NTT discloses security breach

Japanese telecommunications giant NTT says hackers breached its internal network and stole data on 621 customers.

NTT Group

Image: Ryo Yoshitake, NTT Ltd.

Nippon Telegraph & Telephone (NTT), the 64th biggest company in the world, according to the Fortune 500 list, has disclosed today a security breach.

NTT says hackers gained access to its internal network and stole information on 621 customers from its communications subsidiary, NTT Communications, the largest telecommunications company in Japan, and one of the biggest worldwide.

The hack took place on May 7, and NTT says it became of the intrusion four days later, on May 11.

The company says hackers breached several layers of its IT infrastructure and reached an internal Active Directory (AD in the graph below) to steal data and then upload it to a remote server.

ntt-graph.png

NTT intrusion, green text added by ZDNet

Image: NTT

The attack is believed to have originated from an NTT base in Singapore, the company said today.

Attackers used this entry point to reach a cloud server located in Japan (Server B), then move to a server on NTT Communication's internal network (Server A), and then access the AD server.

NTT says it took down the hacked systems as soon as it learned of the incident.

The company is still investigating the breach, which it made public today, but says it plans to notify all customers "when it becomes clear what should be notified."

NTT said it's also in the process of upgrading its IT infrastructure.

The company is the latest Japanese company to disclose a security breach in the last few months. Mitsubishi Electric and NEC have also disclosed similar intrusions in January, and Pasco and Kobe Steel in February. Just like in the previous cases, the attack is believed to have targeted defense-related information. NTT is one of the biggest providers of managed IT services in the world. It manages several cloud services and enterprise network management solutions.