PR TIMES reports data breach exposing personal info of over 900,000 users
PR TIMES, a Japanese press release distribution service, reported a significant data breach on May 7, 2025, potentially compromising personal information of more than 900,000 users along with sensitive pre-release press materials.
The company detected the unauthorized access on April 25, 2025, after identifying suspicious files on their server. The investigation confirmed unauthorized third-party access to the PR TIMES administrator screen between April 24 and April 25.
The company blocked the unauthorized access route and stopped "the operations or processes by the attacker." Despite these measures, an additional attack occurred between April 27 and April 28 through a process the attacker had established, which the company reports it had successfully blocked by April 30.
The unauthorized access was facilitated by an increase in the number of allowed IP addresses during the remote work transition prompted by the COVID-19 pandemic. The attackers gained entry through an undocumented IP address that was linked to a shared internal account rarely used by the company. Investigators discovered a backdoor file that enabled continued unauthorized access to the systems, and detected communications via Telegram indicating a potential handover of access rights to another attacker.
The potential data leak includes personal information from various user categories, totaling 901,603 pieces of data:
- 227,023 enterprise users
- 28,274 media users
- 313,920 individual users
- 331,619 import lists
- Sensitive pre-release press information
The nature of the initial breach is not disclosed, but it is probably an account breach.
PR TIMES filed a report with police on May 7, 2025 (noting that the delay in informing customers was to minimize the risk of evidence tampering) and reported the potential data leak to the Personal Information Protection Commission and JIPDEC (Japan Information Economy Society Promotion Association).
PR TIMES is advising all users to change their passwords as a precautionary measure and has implemented strict measures limiting access to the administrator screen, allowing connections only from within the company and through a VPN.
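The two conditions the report names as the entry point, an allowlisted IP address nobody had documented and a shared account that was rarely used, can both be checked for routinely. The following is an added example, not code from PR TIMES or from this report; the account names, addresses (documentation ranges), inventory format and 180-day idle threshold are all assumptions made for illustration.

```python
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample data (documentation address ranges, hypothetical accounts).
ALLOWLIST = ["192.0.2.0/24", "198.51.100.17/32", "203.0.113.40/32"]
INVENTORY = {"192.0.2.0/24": "office + VPN egress", "198.51.100.17/32": "ops contractor"}
LOGINS = [  # (account, source IP, ISO timestamp) from the admin screen's access log
    ("alice", "192.0.2.15", "2025-01-10T09:00:00"),
    ("shared-admin", "192.0.2.20", "2024-03-02T11:30:00"),
    ("alice", "192.0.2.15", "2025-04-23T09:05:00"),
    ("shared-admin", "203.0.113.40", "2025-04-24T02:14:00"),
]

def undocumented_entries(allowlist, inventory):
    """Allowlist entries with no recorded owner or purpose (exact string match)."""
    return [cidr for cidr in allowlist if cidr not in inventory]

def matching_entry(ip, allowlist):
    """Return the most specific allowlist entry that admits this source IP, or None."""
    hits = [ip_network(c) for c in allowlist if ip_address(ip) in ip_network(c)]
    return str(max(hits, key=lambda n: n.prefixlen)) if hits else None

def audit_logins(logins, allowlist, inventory, dormant_days=180):
    """Flag logins admitted by an undocumented entry or made by a long-idle account."""
    findings, last_seen = [], {}
    for account, ip, ts in sorted(logins, key=lambda e: e[2]):
        when = datetime.fromisoformat(ts)
        reasons = []
        entry = matching_entry(ip, allowlist)
        if entry is None:
            reasons.append("source not on allowlist")
        elif entry not in inventory:
            reasons.append(f"admitted by undocumented entry {entry}")
        prev = last_seen.get(account)
        if prev and when - prev > timedelta(days=dormant_days):
            reasons.append(f"account idle {(when - prev).days} days before login")
        last_seen[account] = when
        if reasons:
            findings.append((account, ip, ts, reasons))
    return findings

if __name__ == "__main__":
    print("undocumented:", undocumented_entries(ALLOWLIST, INVENTORY))
    for finding in audit_logins(LOGINS, ALLOWLIST, INVENTORY):
        print(finding)
```
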