Ransomware victim disclosure
← All victimsNTT Docomo
listed as NTT Docomo - Japan 1st Mobile Operator · Claimed by Ransomed · listed 3 years ago
Status timeline
- ListedSep 26, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomed
- Status
- Data leaked
- Country
- Japan
- Sector
- Telecommunications
- Listed on leak site
- Sep 26, 2023
- Records
- 310.000 employees
- Ransom demanded
- $1.015
About the victim
AI dossier — public-source company profileNTT Docomo is Japan's largest mobile network operator and a subsidiary of NTT (Nippon Telegraph and Telephone Corporation), one of the world's leading telecommunications carriers with approximately 310,000 employees worldwide. The company offers a wide range of services including mobile phones, fixed-line telephony, internet access, and system integration. NTT is reported to serve 88% of the Fortune 500's top 100 companies globally.
- Industry
- Telecommunications – Mobile Network Operator
- Employees
- 310000
Attack summary
Severity: high — The group claims broad exfiltration from a major telecommunications carrier serving hundreds of millions of customers and critical enterprise clients; however, no specific data categories, proof files, or confirmed data size are provided, limiting the classification to high rather than critical.The group 'ransomed' claims to have gained access to NTT Docomo's infrastructure and exfiltrated data, stating they 'exfiltrated everything' after not receiving payment. A ransom demand of $1,015,000 is stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Exfiltrated internal data (unspecified)
What the group claims
With approximately 310,000 employees worldwide, NTT (Nippon Telegraph and Telephone Corporation) is one of the world's leading telecommunications carriers. It is chosen by as many as 88% of the top 100 companies in the Fortune Global Business Ranking "Fortune 500", an annual U.S. business magazine. We offer a wide range of services in Japan, from fixed-line and mobile phones to the Internet and system integration.We have got into their base and exfiltrated everything from there, we dont get paid.We require a ransom of $1,015,000
Sources
- Victim sitenttdocomo.co.jp
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

