General Insurance Japan announced on the 11th that up to about 17.5 million customer information records may have been leaked. A third party who had infiltrated from the outside had access to the customer information from April 17th to 21st. At this time, it has not been confirmed by the company that the data was actually used illegally by the attackers. This unauthorized access to the company’s systems can be considered an event of an exceptionally large scale in Japan for a company.
The information that may have been viewed or leaked includes the policyholder’s name, contact info, and insurance policy numbers. The company has also stated that some of the compromised data may be duplicated across multiple different database records. The company announced on April 25th it was contacting customers and had set up a dedicated contact point for them. This was to help address any concerns that they might have about the breach.
About 7.27 million records were personal information, while 8.44 million records cannot identify individuals without the main database.
According to Tokyo Shoko Research, there were 189 personal information leaks announced by listed Japanese companies in the year 2024. This represents a significant increase of nearly forty percent when directly compared to the data from the year of 2021. The most common reported cause of these data breaches was “virus infection and unauthorized access,” accounting for sixty percent of all cases. It underscores the need for enhanced cybersecurity measures across all sectors of the Japanese economy.
This statistic highlights a growing and very concerning trend of cyberattacks targeting many businesses throughout the country of Japan.
The largest data leak case in Japan is said to be Benesse Corporation’s, with about 35 million records exposed in 2014. That particular incident was caused by the removal of sensitive data by employees of an external contracting company. In more recent years, Internet Initiative Japan announced in April that about 4 million email user records were leaked. An NTT West Japan subsidiary also announced that over 9 million personal information records had been leaked due to a former employee. This latest incident at Sompo Japan adds another significant breach to this growing list of major data security failures in Japan.
Reference:
