IIJ discloses data breach in Secure MX service

Internet Initiative Japan (TSE:3774) announced that its IIJ Secure MX service experienced unauthorized access, potentially leading to the leakage of customer information. The incident, discovered on April 10, 2025, stemmed from unauthorized access to service equipment dating back to August 3, 2024. The breach potentially affects a maximum of 6,493 contracts and 4,072,650 email accounts. Exposed information may include email account passwords, email content, and authentication information for linked cloud services. IIJ has secured the affected systems and is currently investigating the full scope of the breach. The company is contacting affected customers and will disclose any material impact on its financial results as the investigation progresses.