External experts confirm data leakage from GMO Payment Gateway clients’ websites

Maria Nikolova

Payment Card Forensics say no other websites were affected apart from the two initially reported to have suffered data breaches.

Binarystation launches enterprise solution and provides source code to brokers

About three weeks have passed since Japanese provider of payment processing services GMO Payment Gateway Inc (TYO:3769) admitted that it had detected a data leakage from two of the websites of its clients. The data leakage had reportedly affected the websites of the Tokyo Metropolitan Government and the Japan Housing Finance Agency.

Today, one of the companies hired by GMO PG to investigate the leakage – Payment Card Forensics, Inc., published an update on the progress of the investigation conducted by the external experts.

Putting it briefly, Payment Card Forensics’ team agrees with the findings of GMO Payment Gateway’s report into the case. The Payment Card Forensics’ report makes the following three points:

  • Illegal access to the Tokyo Metropolitan Government credit card payment site for metropolitan tax was confirmed. The data leakage on March 10, 2017, concerned credit card numbers, expiration dates, mail addresses.
  • Illegal access to credit card payment site for group life insurance rider of the Japan Housing Finance Agency was confirmed. The data leakage on March 10, 2017, affected information such as credit card payment registration dates, security codes, etc.
  • Unauthorized access was not confirmed for any other website apart from the two websites just mentioned.

Payment Card Forensics was amid the external experts hired by GMO Payment Gateway to help it investigate the incident and take pre-emptive measures so that such data breaches do not happen in the future. Payment Card Forensics is one of the members of the “Recurrence Prevention Committee” formed on March 14, 2017.

The websites affected by the data leakage are still struggling to tackle the consequences of the incident. For instance, on March 29, 2017, the Japan Housing Finance Agency published an update on its website concerning the incident, informing customers that they will be mailed a special guide on what to do with regards to the data breach. The customers were asked to confirm any payments made, the payment procedure used, the receipt of the guide itself, etc.

The days following the data breach saw numerous fraudulent attempts to acquire more information from affected customers, as they have been contacted by scammers presenting themselves as representatives of GMO Payment Gateway, the Japan Housing Finance Agency and the Tokyo Metropolitan Government, offering people to “help them in the aftermath of the incident” and asking for personal details and card data.

Read this next

Institutional FX

FXSpotStream volumes hit 14-month high in November

FXSpotStream’s trading venue, the aggregator service of LiquidityMatch LLC, reported its operational metrics for November 2023, which moved higher on a monthly basis.

Digital Assets

Circle denies ties with Palestinian groups, TRON founder

Stablecoin issuer Circle has denied allegations that it facilitates funding for terrorist organizations.

Retail FX

CySEC hits operator of Titanedge, TradeEU with €90,000 fine

The Cyprus Securities and Exchange Commission (CySEC) announced that it has imposed a fine of €90,000 on Titanedge Securities Ltd due to shortcomings in their regulatory obligations.

Institutional FX

Cboe FX volumes retreats slightly in November 2023

Cboe’s institutional spot FX platform today announced its trading volume for the month ending November 2023, which took a step back after a strong rebound in October.

Institutional FX

Alpha Group seals Cobase majority acquisition

Foreign exchange service provider Alpha Group International plc (AIM: ALPH) has finalized its acquisition of Financial Transaction Services, operating as Cobase.

Digital Assets

TMNG Tokens Successfully Listed on MEXC Crypto Exchange

TMN Global proudly announces the successful listing of its native TMNG token on the MEXC crypto exchange, effective December 1st, 2023. This strategic partnership marks a significant milestone for TMN Global in the crypto space.

Institutional FX

Marex completes acquisition of TD Cowen’s PB business

London-headquartered commodities broker Marex has completed the acquisition of TD Cowen’s prime brokerage and outsourced trading business, which will be integrated into Marex’s capital market division. This division was established following the acquisition of ED&F Man Capital Markets in 2022.

Digital Assets

Talos introduces decentralized liquidity and onchain settlement with Uniswap and Fireblocks

“At the cornerstone of the DeFi ecosystem, Uniswap has the breadth of assets and depth of liquidity that institutional traders need. And to have this partnership powered by Fireblocks, a digital assets infrastructure provider trusted by some of the most renowned institutions, is very fitting.”

Digital Assets

FINMA-regulated crypto bank SEBA Bank rebrands to AMINA

“As we look forward to 2024, our ambition is to accelerate the growth of our strategic hubs in Switzerland, Hong Kong, and Abu Dhabi, and to continue our global expansion, building on all the successes we have laid down over the past years.”