ArrowArtboardCreated with Sketch.Title ChevronTitle ChevronEye IconIcon FacebookIcon LinkedinIcon Mail ContactPath LayerIcon MailMenu BurgerPositive ArrowIcon PrintIcon SearchSite TitleTitle ChevronIcon Twitter
Politics

Japan pension administrator's lax response worsens data theft

The government takes the data leak seriously and will seek to ensure pension payments are unaffected, Shiozaki told reporters.

TOKYO -- A massive information security breach at Japan's pension service deals a blow to an institution that has struggled to regain credibility after past scandals.

      Some 1.25 million names and pension identification numbers, some accompanied by dates of birth and addresses, were leaked as a result of a cyberattack, the Japan Pension Service said Monday.

     The institution fell prey to an email-borne virus, but mistakes before and after the fact exacerbated the damage.

     Unauthorized access of computer networks at government-affiliated bodies is hardly unusual in Japan. In March of last year, for instance, the leak of some 330 email addresses and other pieces of information occurred at the Building Research Institute. But the pension data leak was bigger than any in memory, according to the Cabinet Secretariat.

     The pension service says it uses virus detection software. Yet a virus lurking in a file disguised as a seminar invitation was somehow able to penetrate this barrier, infecting the computers of at least two employees. Entire files appear to have been swiped from a shared server accessible through a local area network.

     The pension service "was not able to prevent a malicious attack," Welfare Minister Yasuhisa Shiozaki acknowledged at a news conference.

     What happened next seems to have made matters worse. After the initial infection was detected on May 8, the pension service isolated the compromised computer and warned employees not to open attachments to suspicious emails. But this advice went unheeded by some. Another employee received the email and opened the file. Only on May 19 did the pension service ask Tokyo police to investigate; by then, its network had been infiltrated multiple times. A swifter response would likely have limited the loss of data.

     Other missteps came before the breach. Internal rules require the use of passwords to safeguard personal information. But some 550,000 of the 1.25 million leaked names and ID numbers lacked password protection, the institution admitted.

     Established in 2010, the Japan Pension Service was supposed to represent a break from past mismanagement. Its disgraced forerunner, the Social Insurance Agency, left millions of Japanese who paid into the pension system unaccounted for and let employees peep into personal information. The pension service handles sensitive information, including standard monthly benefits, which give an indication of a person's income. Successive governments have tried to restore public trust in the system, but Prime Minister Shinzo Abe's cabinet will bear the black eye for the latest scandal.

     Abe may be feeling an uncomfortable sense of deja vu. During his first stint as prime minister, the Social Insurance Agency was found to be missing some 50 million pension records. The public outcry hurt his cabinet's approval rating and contributed to the ruling Liberal Democratic Party's defeat in the 2007 upper house election.

(Nikkei)

Sponsored Content

About Sponsored Content This content was commissioned by Nikkei's Global Business Bureau.

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this monthThis is your last free article this month

Stay ahead with our exclusives on Asia;
the most dynamic market in the world.

Stay ahead with our exclusives on Asia

Get trusted insights from experts within Asia itself.

Get trusted insights from experts
within Asia itself.

Get Unlimited access

You have {{numberArticlesLeft}} free article{{numberArticlesLeft-plural}} left this month

This is your last free article this month

Stay ahead with our exclusives on Asia; the most
dynamic market in the world
.

Get trusted insights from experts
within Asia itself.

Try 3 months for $9

Offer ends June 30th

Your trial period has expired

You need a subscription to...

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers and subscribe

Your full access to the Nikkei Asian Review has expired

You need a subscription to:

  • Read all stories with unlimited access
  • Use our mobile and tablet apps
See all offers
NAR on print phone, device, and tablet media