Sponsored By

Huge Leak Revealed at Japanese Firm

Former employee absconds with 8.64 million pieces of customer data from 43 clients of Dai Nippon Printing

One of Japan's largest printing companies today reported the theft of more than eight million pieces of customer information, including addresses and credit card numbers.

Dai Nippon Printing said around 8.64 million pieces of customer information related to 43 client companies -- including Toyota Motor Corp. and Aeon Co. -- were stolen in July by a former employee of a subcontractor, who absconded with a magnetic optical drive containing the data.

The data includes names, addresses, telephone numbers and, in some cases, credit card numbers on 1,504,857 customers of American Home Assurance, 581,293 customers of Aeon, and 439,222 customers of NTT Finance. Early reports stated that only 20 of the 43 companies involved had been notified of the breach.

The data was allegedly stolen by Hirofumi Yokoyama, 45, a former employee of a subcontractor that processed the information for the printing company. After smuggling the data out on a portable hard drive, Yokoyama sold the data of some 150,000 customers of a major consumer credit firm to a fraud ring targeting online shoppers, prosecutors said.

Part of the data was used for credit card fraud totaling several millions of yen, prosecutors said. Yokoyama was arrested after he left the company. He was later indicted on theft charges.

Japanese newspaper editors and other observers are using the case to point out the weaknesses in the country's latest data security legislation, a 2005 law that requires companies that handle personal information to beef up their security measures. So far, Yokoyama has been charged only with the theft of the drive itself, which is worth about 250 yen.

Dai Nippon Printing officials said they didn't expect data theft to be committed by insiders, according to newspaper reports. The company initiated an investigation only after the sale of the 150,000 names was brought to its attention.

— Tim Wilson, Site Editor, Dark Reading

About the Author(s)

Tim Wilson, Editor in Chief, Dark Reading

Contributor

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights