Data breach exposes up to 14.2 million email logins at six ISPs
Summary
BleepingComputer reports a data breach at Japanese operator KDDI affecting multiple ISPs, exposing up to 14.2 million email logins. An exploitable vulnerability in a third-party application was used, with passwords reportedly stored hashed or encrypted in some cases; regulators have been notified and affected customers are advised to reset passwords and enable 2FA.