GMO Payment Gateway submits report with Japan’s Ministry of Economy, Trade and Industry over data leakage

Maria Nikolova

More than a month after the incident, the investigation continues with GMO Payment Gateway having filed a report into the case with the Japan’s Ministry of Economy, Trade and Industry.

More than a month has passed since Japanese provider of payment processing services GMO Payment Gateway Inc (TYO:3769) confirmed that personal data leakage that had affected the websites of two of its clients – the Tokyo Metropolitan Government and the Japan Housing Finance Agency.

The issue was so severe that it has sparked concerns of such government institutions like Japan’s Ministry of Economy, Trade and Industry (METI) which has referred to the Act on the Protection of Personal Information to demand a special report from GMO PG into the data leakage.

GMO Payment Gateway filed the report on Monday, April 17, 2017. The METI requests that the report contains details on the handling and management of personal information, on the progress of investigations, as well as on measures implemented to prevent the recurrence of the harmful situation.

At the end of last week, GMO Payment Gateway updated the numbers for the data leaked, referring to “doubling of information”.

According to the initial assessments, the number of “units of information” leaked through the Tokyo Metropolitan Government website was 676,290, including 614,629 email addresses, as well as 61,661 credit card numbers and credit card expiration dates. The number of “units” of credit card information reportedly leaked from the Japan Housing Finance Agency was 43,540, including credit card numbers, credit card expiration dates, security codes, credit card payment registration dates, addresses, email addresses, names, phone numbers, as well as dates of birth and payment joining dates. The revised data lowers the numbers nearly two times.

Shortly after GMO Payment Gateway confirmed the data leak, it announced the establishment of a “Recurrence prevention committee”, which has 11 members, including several external experts from companies like TMI Associates and Payment Card Forensics, Inc. The latter investigates security incidents and offers consultation and assessment to prevent data breaches.

Early in April, Payment Card Forensics published their report into the leakage, confirming findings of GMO Payment Gateway’s internal investigation into the matter. The external experts said unauthorized access was not confirmed for any other website apart from the two websites initially reported to have been affected.

Read this next

Digital Assets

Crypto miner BitFuFu to go public on Nasdaq through $1.5 billion SPAC merger

Cloud-mining service provider BitFuFu, backed by industry giant Bitmain, will go public through a merger with a blank-check firm in a deal that values the combined entity at $1.5 billion. This valuation is 4.6x 2022 projected revenue and 3.3x projected December 2022 annualized recurring revenue.

Digital Assets

Bithumb will no longer allow withdrawals to unverified crypto wallets

Bithumb, one of South Korea’s big four exchanges — alongside Coinone, Korbit, and Upbit — exchange is moving to block the use of anonymous wallets.

Retail FX

Cyprus compensation fund (ICF) to protect customers of Sonafx and BelightFX

The Cyprus Securities and Exchange Commission (CySEC) today published a new list of financial services providers that were disbarred from its lifeboat scheme.

Opinion

Exclusive interview with Stacey Van Niekerk of Finalto Group

With qualifications in A+ IT certification; in programming and wealth management as well as currently studying Investment Management at CISI Stacey Van Niekerk is an incredible asset to the Finalto Group. Having 10 years combined extensive experience in the Financial Industry working and helping Brokerage Firms and Fintech companies assist clients around the world in regions such as Australia; Africa; Europe; Asia; Uk and Mena Stacey is now responsible for driving Finalto’s B2B technology offering.

Institutional FX

MOEX lifts restrictions on repo transactions, including short positions

Russia’s largest institutional trading venue has lifted restrictions it applied last month to repo transactions with a central counterparty (CCP) in US shares.

Retail FX

USGFX has a heavy shortfall in client money, nearly $350M missing

BRI Ferrier, the liquidators of Union Standard International Group, known as USG or USGFX, today said creditor claims have hit $357 million, and this amount may increase further.

Industry News

Ripple fails to stop discovery extension amid SEC’s 180º on Hinman’s speech

The plaintiff has made a 180º turn by suggesting that the speech wasn’t merely peripheral to actual policy formulation”, but was in fact an “essential link” in the SEC’s deliberative process with respect to Ether” and other digital assets. 

Digital Assets

Gemini hires Pravjit Tiwana as CTO with eyes on Web3 and Metaverse

“I want to help build Web3 and the decentralized Metaverse. The promise is as big as the Internet itself and Gemini is well-positioned to help build and catalyze that future.”

Institutional FX

Broadridge automates Santander’s Shareholder General Meeting services in Spain

Broadridge has recently expanded coverage for proxy processing and extended voting windows for 20 sub-custody markets in 2021, with more markets to follow in 2022 and 2023.

<