On May 7, hackers breached NTT Communications' internal cloud network and stole information on 621 companies.
NTT discovered the breach on May 11, and took more than two weeks to disclose the intrusion publicly.
How it happened
The company believes hackers started from an NTT base in Singapore, reached a cloud server in Japan, from there went to an NTT Com server on its internal network, before finally reaching an internal Active Directory server. There they stole data and uploaded it to a remote server.
NTT Com took the servers offline when they discovered the intrusion, but by that point, it was too late. Customers that may have been affected have been notified, the company said.
The company added that it would upgrade its IT infrastructure to stop a similar attack happening again, with a poorly secured migration project thought to be at fault.
"We will promptly disclose information when new information becomes available, but we will refrain from disclosing information regarding individual customers from the viewpoint of confidentiality," the company said in a statement (translated). "Thank you for your understanding."