The massive leak of personal data from education services provider Benesse Corp. has prompted data aggregators to tighten the way they work and has spurred the government to consider ways to prevent such breaches in the future.
A systems engineer currently on trial is accused of illegally copying the data records of millions of Benesse customers to his smartphone. The data included the names and addresses of children and their dates of birth.
Investigators believe more than 10 brokers bought the data, including JustSystems Corp.
The first Benesse’s customers knew of the leak was when they were cold-called by another enterprise.
“Suddenly I received a phone call from an unknown company,” said one.
Some of the brokers now fear a client boycott if word gets out of their involvement.
“We’ve received no orders for about two months from one long-term client, a real estate agent,” said a representative of a Kanto-based list brokerage. The representative said when the scandal broke the company’s sales halved.
Another aggregator reported lost business when several private cram schools decided not to send out emails advertising a winter course. Those emails would have been directed to potential students like those on the leaked Benesse list.
Meanwhile, the government plans various measures to prevent a recurrence, including amending the law that protects personal information. The government plans to submit the bill to the Diet during the regular session next year.
It would enable victims of data leaks to submit a formal request requiring brokers to delete the information.
Separately, the scandal has sparked a proposal within the industry to require new companies to register before beginning operations — a measure that might help to restore consumers’ confidence, said a Tokyo-based data broker.
“We would like to take this opportunity to restore the industry’s reputation,” the broker said.