Customer information copied by a systems engineer from Benesse Corp. was leaked to more than 500 companies through name-list traders, police said Monday.
Police investigating Japan’s biggest-ever data theft said that the engineer, Masaomi Matsuzaki, 40, arrested last July on suspicion of stealing personal data relating to Benesse customers, sold the information to three name-list trading companies.
The massive data leak was a serious blow to Benesse Holdings Inc., the parent of Benesse Corp., a major education service provider. The company was forced to book a special loss of ¥26 billion and to take reform steps, including cutting 300 jobs through voluntary retirement.
Two of its board members also stepped down to take responsibility
The incident prompted the government to review the personal information protection law to boost protection of corporate secrets.
The police said that after two of the name list sellers resold the information, Benesse’s customer data have been obtained by more than 500 companies.
The police on Monday turned over their case to prosecutors on Safety Inc., one of the three name list companies, and its 45-year-old president, on suspicion of selling the data to an education service company in Kumamoto Prefecture, knowing the data had been illegally obtained.
The president denied the allegation, saying that although his company purchased the data from Matsuzaki, who formerly worked for a subcontractor of Benesse, and resold it, the firm did not know it was Benesse’s customer information.