NTT Communications Corporation, the international subsidiary of Japan’s NTT Group, disclosed in March 2025 that a breach had exposed data for 17,891 corporate customers. The attackers gained access to NTT’s Order Information Change System — the database containing corporate client contract and account information — in approximately February 2024, with the breach going undetected for over a year. Exposed customer data included company names, contract identification numbers, phone numbers, email addresses, physical addresses, and the names of contact persons. NTT serves major multinational corporations and government entities. The delayed disclosure (13+ months from initial compromise to notification) drew significant scrutiny from Japanese regulators and cybersecurity authorities.