GMO Payment Gateway submits report with Japan’s Ministry of Economy, Trade and Industry over data leakage

Maria Nikolova

More than a month after the incident, the investigation continues with GMO Payment Gateway having filed a report into the case with the Japan’s Ministry of Economy, Trade and Industry.

More than a month has passed since Japanese provider of payment processing services GMO Payment Gateway Inc (TYO:3769) confirmed that personal data leakage that had affected the websites of two of its clients – the Tokyo Metropolitan Government and the Japan Housing Finance Agency.

The issue was so severe that it has sparked concerns of such government institutions like Japan’s Ministry of Economy, Trade and Industry (METI) which has referred to the Act on the Protection of Personal Information to demand a special report from GMO PG into the data leakage.

GMO Payment Gateway filed the report on Monday, April 17, 2017. The METI requests that the report contains details on the handling and management of personal information, on the progress of investigations, as well as on measures implemented to prevent the recurrence of the harmful situation.

At the end of last week, GMO Payment Gateway updated the numbers for the data leaked, referring to “doubling of information”.

According to the initial assessments, the number of “units of information” leaked through the Tokyo Metropolitan Government website was 676,290, including 614,629 email addresses, as well as 61,661 credit card numbers and credit card expiration dates. The number of “units” of credit card information reportedly leaked from the Japan Housing Finance Agency was 43,540, including credit card numbers, credit card expiration dates, security codes, credit card payment registration dates, addresses, email addresses, names, phone numbers, as well as dates of birth and payment joining dates. The revised data lowers the numbers nearly two times.

Shortly after GMO Payment Gateway confirmed the data leak, it announced the establishment of a “Recurrence prevention committee”, which has 11 members, including several external experts from companies like TMI Associates and Payment Card Forensics, Inc. The latter investigates security incidents and offers consultation and assessment to prevent data breaches.

Early in April, Payment Card Forensics published their report into the leakage, confirming findings of GMO Payment Gateway’s internal investigation into the matter. The external experts said unauthorized access was not confirmed for any other website apart from the two websites initially reported to have been affected.

Read this next

Retail FX

Capital Index UK reports mitigated loss despite revenue drop

FCA-regulated brokerage firm Capital Index (UK) Limited has released its annual financial report for the year 2022.

Digital Assets

Mike Novogratz’s Galaxy Digital expands in Europe

Galaxy Digital, the New York-based cryptocurrency financial services company founded by Mike Novogratz, is expanding its presence in Europe by appointing Leon Marshall as its first European CEO.

Metaverse Gaming NFT

Turingum Partners with MarketAcross to Drive Web3 Adoption in Global and Japanese Markets

Global blockchain PR leader MarketAcross joins forces with Japanese Web3 specialist Turingum to mutually expand its market reach, aiming to fortify Turingum’s worldwide footprint and MarketAcross’s presence in the lucrative Japanese blockchain landscape.

Digital Assets

Binance to delist all stablecoins in Europe next year

During a public hearing with the European Banking Authority (EBA), an executive from Binance said that the exchange could ultimately delist stablecoins from its European platforms by June 30, 2024.

Industry News

“Unconscionable conduct”: ASIC fines National Australia Bank $2.1m for overcharging customers

NAB faces a $2.1 million penalty for unconscionable conduct, as the Federal Court rules the bank knowingly overcharged customers, and took over two years to rectify the situation.

Industry News

SEC charges $15 million Ponzi scheme targeting Mexican-American community

Armando Gutierrez Rosas purportedly intended to invest these funds in U.S. real estate and mining operations in Mexico, assuring investors of monthly returns as high as 10 percent. Instead, Gutierrez operated a Ponzi scheme, diverting investor funds to cover his personal expenses, which notably included the acquisition of a $2.5 million mansion in Texas.

Digital Assets

Chainlink launches cross-chain interoperability protocol on Arbitrum One

Chainlink and Arbitrum join forces to bring the Chainlink Cross-Chain Interoperability Protocol (CCIP) to Arbitrum One, offering Web3 developers a powerful tool to build secure and interconnected applications across blockchains.

Executive Moves

STT appoints Brian Saldeen as Senior Risk & Margin Product Manager

Sterling Trading Tech welcomes Brian Saldeen to spearhead the development of their Risk & Margin offering, bolstering their cutting-edge solutions in the capital markets.