TOKYO, June 13 (Reuters) - KDDI Corp., Japan's second-largest telecoms operator, said on Tuesday that personal information on nearly 4 million customers of its Internet service had been leaked.

KDDI said information on 3,996,789 subscribers to its Dion Internet access service as of Dec. 18, 2003 was leaked to a third-party including email addresses, phone numbers, gender and birthdates. No credit or bank account data were leaked, it said.

KDDI President Tadashi Onodera told a news conference that the incident did not affect its "au" mobile phone service, which generates the bulk of its profits. Dion currently has about 2.84 million subscribers, compared with over 23 million for "au".

 But Onodera acknowledged the leak could hurt its image.

"There is a risk the (leak) could lead to us losing trust. We will do our best to boost security," he said.

KDDI said it became aware of the leak on May 30 this year when a person called one its offices saying that he or she had obtained client data. The following day a CD-ROM with information on 400,000 customers was delivered to KDDI's headquarters.

KDDI said it then entered into negotiations with the party holding the data and was able to retrieve all of the leaked information on June 8. It did not go into further details.