NTT warns its Singapore cloud was hacked, Japanese customer data compromised

NTT warns its Singapore cloud was hacked, Japanese customer data compromised

Global system integrator NTT has said someone hacked their way into its hosting and cloud services and may have accessed 600-odd customers’ data.

A Japanese-language statement that The Register has run through a pair of online translate-o-matic services says the service provider was infiltrated on May 7 via Active Directory services running in its Singapore operations. The intrusion was confirmed on May 11. The Active Directory deployment was accessed remotely and then used internally as a stepping stone to other systems.

While a production server that ultimately came under attack was quickly triaged and the service provider quickly cut off its communications links, the hacker had managed to gain a toehold in an information management server, and reach into the company’s Japanese hosting and cloud services.

621 customers of those services were then within reach of the intruder, creating “a possibility that some information was leaked due to suspicious access.”

NTT said it’s hardened up since learning of the hack, which it thinks was made possible by an insecure migration project. It is now working with the impacted customers and will reveal as much as it can about the attack without breaching (what remains of) its customers’ confidentiality.

As with any cyber-break-in, this one is embarrassing. But as outsourcers’ whole schtick is giving clients a comfortable ride, hacks like this one belie their value proposition. ®

Sponsored: Ransomware has gone nuclear