The Benesse group on Wednesday outlined its new data security setup, which the company says will bolster customer information protection after it was embroiled in Japan's biggest-ever data theft.
Benesse Holdings Inc. and its group company Benesse Corp. said they will send a ¥500 cash voucher to customers along with a letter of apology for the massive data leak.
Its investigative team found at least an estimated 28.95 million customers were affected by the incident, the companies said.
A former systems engineer was arrested in July for allegedly copying data on about 10 million customers of Benesse Corp., a major correspondence education provider for children, onto his smartphone.
The former engineer, Masaomi Matsuzaki, who was employed at an outside firm, was served with a fresh arrest warrant in August on suspicion of stealing additional customers' data.
"We want to build a corporate culture that will never allow a recurrence of such an incident," Benesse Holdings Chairman and Chief Executive Officer Eiko Harada said at a press conference. "It's easy to say but hard to do."
The Benesse group said it will clarify responsibilities regarding customer data, dividing them into the three areas of management, maintenance and utilization of its customer database.
A new joint venture to be set up with Tokyo-based information security service firm Lac Co. will be in charge of the maintenance and operation of its data system, as Benesse will no longer outsource those operations to an outside company.
The group will also establish an external body with information security experts to monitor its data management, and will create two new posts, chief legal officer and chief information security officer.