Personal information such as children's school and Shinkenzemi showed up to about 20.7 million leaks, Benesse apologizes

"According to the in-house survey,Information leakage by insiders other than our group employees (who have authority to access the database)We are presuming that the police investigation has already begun and there is a possibility of hindrance to the investigation, so we will refrain from disclosing details, "according to information such as correspondence education services There were about 7.6 million cases, and the maximum possibility of about 20.7 million leaked was announced on Benesse official website.

Notice and apology regarding personal information leakage at Benesse Corporation (Information on inquiries)
http://www.benesse.co.jp/bcinfo/


The leaked information items are as follows.

·Postal code
· Your name (kids and their parents) name (Kanji and phonetic)
·Address
· Telephone number (fixed or mobile)
· Child's date of birth, gender

The information leaked services are as follows.

· Children's playground
(Including children's baby)
· Shinkenzemi elementary course
· Shinkenzemi middle school courses
· Shinkenzemi High School Course
· Independent private middle and high level consistent lecture
· Tokyo University Special lecture √ T Kyoto University Special Course √ K
· Ability to think · Plus junior high school examinations lecture
· Public Middle High School Integrated School Inspection Lecture
· Children's festival English
· Worldwide Kids
· BE-GO
· Kagaku set
· Benesse Children's English classroom (directly managed)
· Benesse Grimm School (directly managed)
· Colaso's English course
· Benesse Science School
· Learning classroom
· Benesse sentence expression power classroom
· Power to think · Plus lecture
· Scoring ability learning DS
· Pocket Challenge
· Shimizuroku music
· EVERES
· Dog's feet
· Cat's feet
· Tamahiho befa!

Since the credential card number · expiration date, financial institution account information, grading information etc. were not stored in the database which became the source of leakage, it did not leak out, the target database already stopped , "As for countermeasures, we will continue to explain to our company on our website as well", we are waiting for further information.

2014/07/09 19:52 Addendum
NHKReports that as described below, it seems that already leaked information has been widely used.

Since Benesse Corporation inquired a lot of inquiries from customers such as correspondence education services, "There was a direct mail of another company and sales phones of sales" from the end of last month, somebody examine information from the database of customer information to the outside It means that I took it out.

A mother whose two daughters of primary school students are using correspondence education on the fact that personal information of children and their parents using Benesse Corporation's correspondence education service etc. leaked to the outside, I thought that it was strange as it came in large quantities.I am worrying about how children's information will be used, I am worried very much, because I am a big company, I want security to be solid. "

2014/07/09 20:20 Addendum
Benesse's press release releasedPDF file "Apology and explanation about leakage of customer information"From the end of June 2014, direct mail from IT operators conducting telecommunications education business began to arrive at Benesse users, the inquiries from Benesse users increased rapidly, based on Benesse's "customer list" We started investigating because there was concern that sales activities were done and found that the roster business handled a list that seems to contain personal information of users of Benesse. Furthermore, since Benesse obtained the list and matched it with the data that Benesse possesses, it contains data that only Benesse has, and most of the information in the roster matches the data of Benesse , It seems that it was discovered that it is extremely likely that the data held by Benesse has leaked out.

The history up to this point is as follows when it is arranged in chronological order, and it sends to the "direct mail and the company which is making a phone call" and "roster entrepreneur" content proof mail, and the utilization / sale stop of the roster has been transmitted It is said that.

The history of this case was as follows.

· Regarding direct mails shipped by IT operators engaged in education-related businesses since June 26 (Thursday), "Personal information that was registered only in Benesse, direct mails and sales calls from other companies are coming from Benesse Inquiries about the personal information being leaked are rapidly increasing.

· Following the rapid increase in inquiries, we reported to Benesse Corporation President, Kobayashi, Benesse Holdings Chairman, President and Harada on June 27 (Fri). On the same day, under the direction of Kobayashi, president of Benesse Corporation, we started a full investigation.

· On Saturday, June 28, we set up the Emergency Response Headquarters and started investigation to investigate the cause and correspondence to the customer, with Kobayashi, president of Benesse Corporation as the Head of Countermeasure Headquarters. At the same time, a survey using a survey company was started. On Monday, June 30, the Ministry of Economy, Trade and Industry consulted the situation report and future response, consulted police on the same day reporting the situation and response.

· Fri July 4 (Fri), the survey company we appointed grasps the roster business that sells the roster that is supposed to contain the personal information of our customers and adds a roster containing about 8.22 million data obtained. From the night of the same day to the 7th (Monday) morning, as a result of matching with our company's data, we have data that we only have, so the possibility that our data leaked may be We judged it to be extremely expensive and started an in-house survey such as download history on customer information.

· On July 7 (Monday), as we conducted in-house survey on leakage route of customer information, it was found out that customer information was taken out to some extent from certain databases. Based on consultation from us, police began investigation.

· On July 8 (Tue), in order to prevent the diffusion of customer information leaked and to prevent secondary damage, based on the name list created using our personal information held by us A letter requesting discontinuation of use / sale of the roster (content certification mail) to the company "direct mails and telephone calls for sales to our customers" and "roster businesses dealing with that list" .

2014/07/10 12:40 Addendum

The roster itself based on the data that flowed out of Benesse itself was sold by the directory company "Fumio" in Fukusho-shi, Tokyo, and it was "Just system" that sent the direct mail using that list Has been confirmed.

Just used in customer information DM Benesse leakage problem - 47 NEWS (Yona no News)
http://www.47news.jp/CN/201407/CN2014071001000832.html

Justsystems' stock price plummeted in response to this confirmed information.


2014/07/10 13:04 Addendum

On the official website of the name list company "Bibliography company", "It is the only database in Japan that offers a database focused on child and small teenagers", "It is a fresh, high-quality database that will support your business" It is.

Long-established store of the name list company |
http://www.bunken-sha.com/


2014/07/10 13: 51
JustSystems released the following release.

News Releases | 2014.07.10 Regarding some press coverage of today
http://www.justsystems.com/jp/news/2014l/news/j07101.html

Regarding the press coverage of today

In some press reports today, using expressions that we suspect or our company,
From Benesse Corporation (Benesse Corporation)
We reported that the leaked personal information was used by our company with malicious intent
It was.
However, the information and perception that we have leaked from Benesse Corporation
There is no fact that it used it after doing it.

We are concerned about customers and business partners, but our business activities
In the case of sending a direct mail to customers who have registered within,
In any case, such as when sending it by asking an external business operator, appropriate
I am taking procedures and methods.

2014/07/12 17: 30
Just system announced that it will delete all "2,573,068 data" purchased from literature company.

Regarding our response to the matter of leakage of personal information of Benesse Corporation
http://www.justsystems.com/jp/news/2014l/news/j07111.html

Justsystems Corporation purchased 2,573,068 data from May, 2014 literature company (hereinafter referred to as "literature company") and used it to send a direct mail in June 2014.

In cases where we send a direct mail to customers registered during our business activities or when sending it by asking an external business operator, when we send a direct mail by purchasing a database Has concluded an agreement on condition that the personal information is legally and fairly obtained with the outside business operator. When purchasing data from literature company this time, we also acquired data after signing a contract that includes the same conditions.
However, the in-house survey found that in the purchase from the literature company this time, while checking the data acquisition route, the contract finally reached a contract in the situation where the source of the data was not clarified, and it was found that it was purchasing I did it. Therefore, from the moral responsibility as a company, we decided to delete all the data obtained from the literature company in May 2014. The use of the customer information has already been canceled from Wednesday, July 9.

We do not have any fact that we used this after recognizing it as information leaked from Benesse Corporation (Benesse Corporation hereafter). Also, since we do not have a means to check whether data obtained from a literature company is information leaked from Benesse Corporation or not, we can confirm such facts at the present moment There is none.
At present, there is no inquiry etc from the Metropolitan Police Department or the Ministry of Economy, Trade and Industry to the Company, but if there is any request in the future, I am willing to seriously deal with it.

From now on, we would like to further enforce compliance on the handling of personal information and strive for appropriate information management.

I sincerely apologize for the concern and inconvenience caused by customers and business partners.