This article is more than 1 year old
NTT warns its Japanese cloud may have been compromised
Early May attack hit 600-plus hosting and cloud customers
Global system integrator NTT's Japanese subsidiary NTT Communications has said someone hacked their way into its hosting and cloud services in an incident that potentially exposed over 600 customers’ data.
A Japanese-language statement that The Register has run through a pair of online translate-o-matic services says the service provider was infiltrated on May 7. The intrusion was confirmed on May 11.
While a production server that ultimately came under attack was quickly triaged and the service provider quickly cut off its communications links, the hacker had managed to gain a toehold in an information management server, and reach into the company’s Japanese hosting and cloud services.
That service has over 600 clients. NTT told The Register the incident was isolated and confined to a specific set of NTT Communications clients on a single Japan-only platform. No client segments in the company's overall Enterprise Cloud were breached.
NTT said it’s hardened up since learning of the hack, which it thinks was made possible by an insecure migration project. It is now working with the impacted customers and will reveal as much as it can about the attack without breaching (what remains of) its customers’ confidentiality.
As with any cyber-break-in, this one is embarrassing. But as outsourcers’ whole schtick is giving clients a comfortable ride, hacks like this one belie their value proposition. ®