Customer data leak deals blow to Benesse
TOKYO -- Benesse Holdings, Japan's largest correspondence education provider, revealed Wednesday that a database on millions of customers has been compromised.
About 7.6 million pieces of information, such as customers' names, have been leaked, Benesse said. More details are being investigated, but the breach could be as extensive as 20.7 million pieces of data.
The National Police Agency has launched an investigation in response to reports from affected consumers.
The database in question covers the 3.65 million members of its Shinkenzemi and other correspondence education services. The stored information includes customer addresses, telephone numbers and the gender of the students. Details on subscribers to the group's magazines are also part of the database. Breaches involving credit card numbers and bank accounts have not been confirmed.
The Ministry of Economy, Trade and Industry will request this week that Benesse issue a report about how it protects consumer information.
No trace of unauthorized access via the Internet has been found. Chief Executive Officer and Chairman Eikoh Harada noted that the leaker was an outsider with ties to the company, not someone from within the group.
From June 26 onward, inquiries increased sharply from consumers complaining about being contacted by other companies and receiving direct mailings at contacts registered only with Benesse.
The company has had third-party experts investigate the issue, who concluded that a breach had most likely occurred.
Harada, along with Hitoshi Kobayashi, president of core unit Benesse Corp., apologized to customers. The company has set up a dedicated phone line to answer their inquiries.
But Harada noted that the breach occurred before he took the position, adding that former chief executive Tamotsu Fukushima, who currently serves as deputy chairman, and Chief Information Officer Eiji Aketa will step down to take responsibility after the issue is resolved.
To prevent a recurrence, the company will stop using the database and will strengthen oversight on its handling of customer information.