The Tokyo District Court on Tuesday sentenced a former systems engineer to 3½ years in prison and fined him ¥3 million ($26,400) for his involvement in the massive data theft at major education service provider Benesse Corp.
The court’s Tachikawa branch found that Masaomi Matsuzaki, 41, broke the unfair competition prevention law by copying and disclosing trade secrets.
The parent firm, Benesse Holdings Inc., estimated that nearly 29 million sets of customer data were stolen. The unprecedented scale of the leak prompted Japanese firms to re-evaluate how they manage sensitive data.
Matsuzaki pleaded not guilty to the charges. He admitted to leaking the information but argued that the data did not meet the legal definition of a trade secret.
The prosecutors, who had demanded a five-year term and ¥3 million fine, said in their closing arguments that Benesse’s customer information was clearly being treated as a trade secret because the user names and passwords required to access the database were only privy to a limited group of employees.
But Matsuzaki’s counsel argued that the data management system used at the time was not adequate enough to conclude the information was being handled as confidential.
According to the indictment, in June 2014, Matsuzaki saved data relating to about 30 million customers onto a computer at an office of a Benesse affiliate based in the Tama region in western Tokyo, where he was employed. He then copied the files onto his smartphone before selling data on roughly 10 million customers to name-list trading companies.