Interesting People mailing list archives
[Japan] 4.6 Million DSL Subscriber Data Leaked?
From: Dave Farber <dave () farber net>
Date: Thu, 26 Feb 2004 18:09:55 -0500
Date: Fri, 27 Feb 2004 06:47:41 +0900 From: Japan Subject: [Japan] 4.6 Million DSL Subscriber Data Leaked? To: dave () farber net For IP if you wish Please remove my name and email address -- just say "from Japan". This is my take on the Softbank Data Leak. This story is too dangerous. [Japan] 4.6 Million DSL Subscriber Data Leaked? The Tokyo Metropolitan Police arrested three men on suspicion of trying to extort up to 3 billion yen (U.S. $28 million) from Softbank. The suspects claimed that they obtained DVD and CD disks filled with 4.6 million Yahoo BB customer information. The two of the suspects run Yahoo BB agencies which sells DSL and IP Telephone services. Last month, Softbank was contacted by the suspects who demanded investment to their venture in exchange for the disks. Although the company confirmed that a part of the customer data shown by the blackmailers was that of real Yahoo BB customers, the company so far has not admitted their whole customer data was stolen. The police and Softbank will examine the data on the seized disks. It will take several days before we know the exact scale of the leak. According to Softbank, the stolen data includes name, address, telephone number, and email. No billing or credit card information was leaked. Also, it has been reported that the police in Nagoya arrested another man who attempted to extort 10 million yen (U.S. $ 90,000) from Softbank. The man sent the company email messages including the one with 104 customer data and claimed to have over 1 million customer information on floppies. He worked as a temporary customer support personnel for Yahoo BB in the past and it was likely that he stole the customer data while he worked for the DSL provider. The police considers the Nagoya attempt is not related to the Tokyo case and the sources of the data leak are different. At this point, there is only speculation on how the customer data was stolen. The data was not accessible from the public networks and Softbank denied any intrusions to their computer networks from the outside. It was likely to be an inside job. There might have been an accomplice(s) in the company or its subsidiaries/affiliates. An Softbank executive stated that there were over 100 people who could log-on to the PCs connected to the customer database. The company is in the process of cheking the log to find any suspicious access to the data. (Although Softbank is a victim of hideous crime, I expect that there will be a lot of scrutiny on the company's policy and practice regarding data security and privacy protection.) Although the both extortion attempts were foiled, the backgrounds of the Tokyo suspects are disturbing. One of the Tokyo suspect is the leader of a right-wing political organization. In Japan, the shady right-wing groups are often a part of the organized crime(Yakuza gangsters) or have a close tie with Yakuza. It is unthinkable that the 4.6 million personal data fell into the hands of the underworld. The bogus Internet bills from the use of dating and porn sites have become social problem in Japan.(Even they have no idea of using those services, some people send money when they receive a letter or email from the collection agencies sounding like Yakuza-related. I am hoping the suspects are just bluffing.) The other two are the followers of a powerful religious group affiliated with a major political party. According to some tabloids, one of them was a former ranking member and was participated in the wiretapping of the home of the communist party leader in some 30 years ago (The communist party and the religious party were strongly criticising each other then.). Although he was acquitted in criminal courts, a civil trial acknowledged his involvement(like O.J.?). The opposition parties are demanding the government to investigate the unprecedented scope of the personal data theft and a committee in the House of Representatives is considering to call Masayoshi Son, the Softbank president to testify. ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- [Japan] 4.6 Million DSL Subscriber Data Leaked? Dave Farber (Feb 26)