Hackers stole personal info of over a million of Japanese pensioners

Personal information of some 1.25 million of Japan’s pensioners has been compromised and some of it was leaked following a successful breach of Japan Pension Service’s computer systems.

Unknown hackers have managed to access the systems by sending spear-phishing emails to the service’s staff, and one of them opened the attached virus.

The breach was discovered on May 28, and the police has been called in to help investigate the breach. The malware-laden computer has been isolated from the rest of the network and the infection apparently didn’t spread and didn’t affect the computer systems used to track pensioners’ financial and work history.

What was compromised: names and pension numbers of 31,000 individuals; names, pension numbers, and birth dates of an additional 1.25 million individuals.

According to David Bisson, names, pension numbers, birth dates, and home addresses of another 50,000 persons were leaked.

“These are the people’s vital pensions. I have instructed Health and Welfare Minister (Yasuhisa) Shiozaki to consider the pension recipients and do everything possible,” Japan’s Prime Minister Shinzo Abe told reporters when the breach was made public.

The Japan Pension Service has announced that affected pensioners will be issued new pension numbers. Also, that outside experts will be called in to investigate the incident, assess the service’s security posture and improve it.

As an interesting side note: just a few days ago, the US announced that they will extend its cyber defence efforts to Japan, to help it deal with the growing online attacks against military bases and infrastructure.