Japan’s Aflac, KDDI, Sapporo, Nidec: Four Breaches, One Common Entry Point
Four major Japan cyberattacks reported within two weeks point to a common trend, with attac 2026-7-2 05:58:28 Author: thecyberexpress.com(查看原文) 阅读量:10 收藏

Four major Japan cyberattacks reported within two weeks point to a common trend, with attackers gaining access through subsidiaries and third-party infrastructure rather than corporate headquarters. While the incidents affected companies from different industries, including insurance, telecommunications, brewing, and manufacturing, the breaches shared one notable characteristic.

Rather than directly compromising corporate headquarters, attackers gained access through subsidiaries, overseas operations, or third-party infrastructure.

The affected organizations include Aflac Japan, KDDI, Sapporo Holdings, and Nidec, each of which reported separate cyber incidents during the second half of June 2026. Although the attacks involved different circumstances, the disclosures point to an expanding attack surface that extends well beyond an organization’s primary network.

Aflac Japan Breach Exposed Customer Data

Aflac Japan disclosed on June 30 that attackers accessed its Japanese operations between June 15 and June 25. According to the company, approximately 4.38 million customers and agents were affected, with a subset of records including bank account information used for insurance premium payments.

The insurer stated that the incident was limited to its Japanese business and did not affect its U.S. operations.

While the company has not attributed the attack to any specific threat group, the reported tactics resemble social engineering techniques previously associated with Scattered Spider.

report-ad-banner

KDDI Incident Impacts Millions Through Shared Platform

Telecommunications provider KDDI reported unauthorized access involving an email platform used by multiple Japanese internet service providers.

The company said the incident stemmed from a vulnerability in third-party software, potentially exposing up to 14.22 million email account records across six ISPs.

The breach demonstrates how a single vulnerability within shared infrastructure can affect multiple organizations simultaneously.

Sapporo Holdings and Nidec Target Overseas Subsidiaries

Sapporo Holdings disclosed suspected unauthorized access involving two overseas subsidiaries, Singapore-based Pokka and Canadian brewer Sleeman. The company detected suspicious activity, shut down affected systems, and launched an investigation to determine whether any information had been accessed or stolen.

Meanwhile, manufacturing company Nidec confirmed a ransomware attack targeting its Taiwanese subsidiary, Nidec Chaun Choung Technology.

The BlackField ransomware group claimed responsibility for the attack, alleging it had stolen more than two terabytes of company data, including employee, financial, procurement, manufacturing, legal, and IT records. The group reportedly demanded a $2 million ransom.

A Shared Pattern Across the Japan Cyberattacks

Despite involving different industries and attack methods, the four Japan cyberattacks reveal a similar point of compromise.

Aflac’s breach was limited to its Japanese business. KDDI’s exposure originated from a shared email platform relying on vulnerable third-party software. Sapporo’s investigation centers on overseas subsidiaries, while Nidec’s ransomware incident affected its Taiwan-based operation rather than its headquarters.

These cases suggest attackers are increasingly targeting subsidiaries, shared services, overseas business units, and technology partners instead of attempting to breach an organization’s primary corporate network.

Growing Risks Across the Extended Enterprise

The incidents highlight the importance of treating subsidiaries and external partners as part of the organization’s overall security perimeter.

Organizations that rely on overseas offices, acquired businesses, vendors, or shared platforms may inherit additional cybersecurity risks if those environments are not protected to the same standard as corporate headquarters.

The KDDI incident illustrates how third-party dependencies can significantly increase the scale of a breach, while the Nidec cyberattack demonstrates how ransomware groups continue to combine data theft with extortion demands.

The reported tactics observed in the Aflac incident also reinforce the continued effectiveness of social engineering as an initial access method.

While investigations into several of the incidents remain ongoing, the recent disclosures underscore a broader trend. As enterprise environments become increasingly interconnected, subsidiaries, shared infrastructure, and external technology providers are becoming attractive targets for attackers seeking indirect access to larger organizations.


文章来源: https://thecyberexpress.com/japan-cyberattacks-expose-hidden-risks/
如有侵权请联系:admin#unsafe.sh