Tokyo FM Broadcasting Co. and LTD.: Tokyo FM Data Breach: Hacker Claims Over 3 Million Records Stolen

Tokyo FM Broadcasting Hit by Alleged Cyberattack, 3 Million Records Potentially Exposed

Tokyo FM Broadcasting Co., one of Japan’s leading radio stations, is at the center of a suspected cybersecurity breach after a threat actor using the alias “victim” claimed to have infiltrated its systems on January 1, 2026. The attack occurred during the New Year holiday, a period when many organizations operate with reduced staffing.

The hackers assert they exfiltrated over 3 million records, including sensitive personal and technical data. Among the compromised information are full names, birthdates, email addresses, IP addresses, user agents (device/browser details), internal login IDs, and employment-related data. A screenshot shared by the threat actor on X (formerly Twitter) under the handle H4ckmanac appears to support the claim, though cybersecurity experts are still verifying the authenticity of the stolen data.

Tokyo FM has not yet confirmed the breach, and the incident remains under investigation. If verified, the exposure of such a large volume of personal and operational data could pose significant risks, including potential phishing attacks, credential misuse, and further exploitation of internal systems. The situation is ongoing.

Source: https://hackread.com/tokyo-fm-data-breach-hacker-3-million-records-stolen/

TOKYO FM BROADCASTING CO.,LTD. cybersecurity rating report: https://www.rankiteo.com/company/tokyofm

"id": "TOK1767382731",
"linkid": "tokyofm",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Over 3 million',
                        'industry': 'Media & Broadcasting',
                        'location': 'Japan',
                        'name': 'Tokyo FM Broadcasting Co., LTD.',
                        'type': 'Radio Station'}],
 'customer_advisories': 'Listeners and users are advised to monitor their '
                        'emails for suspicious activity and change passwords '
                        'if they reused credentials.',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 'Over 3 million',
                 'personally_identifiable_information': ['Full names',
                                                         'Birthdays',
                                                         'Email addresses',
                                                         'IP addresses',
                                                         'User agents',
                                                         'Login IDs',
                                                         'Job information'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Data',
                                              'Technical Data']},
 'date_detected': '2026-01-01',
 'date_publicly_disclosed': '2026-01-01',
 'description': 'A major cyber incident involving Tokyo FM Broadcasting Co., '
                "LTD., where a threat actor using the alias 'victim' claimed "
                "to have breached the company's private computer systems and "
                'exfiltrated over 3 million records containing personal and '
                'technical data.',
 'impact': {'data_compromised': 'Over 3 million records',
            'identity_theft_risk': 'High'},
 'investigation_status': 'Pending verification',
 'recommendations': 'Listeners and users are advised to monitor their emails '
                    'for suspicious activity and change passwords if they '
                    'reused credentials.',
 'references': [{'source': 'H4ckmanac on X'}],
 'threat_actor': 'victim',
 'title': 'Tokyo FM Broadcasting Co., LTD. Data Breach',
 'type': 'Data Breach'}