Notice of Information Leakage Caused by a PC Virus Infection

January 9, 2015

We write to report that facts about a virus infecting a PC that an employee uses, and to confirm that an information leakage has occurred as a result of the infection. Details follow below.
We offer our deepest apologies to our stakeholders for any anxiety and inconvenience the incident may have caused.
We have reported the incident to the Ministry of Economy, Trade and Industry and the Metropolitan Police Department and are working with the utmost priority to prevent any secondary damage from occurring.

1. Regarding information leaks caused by the PC virus infection
We discovered that on December 26, 2014, a PC in use by an employee of our company was infected with a virus received through a “spoofing email,” and that information saved in the computer was leaked due to the incident.
Information that was leaked has been identified as personal information (full names of people and e-mail addresses of companies) of approximately 400 representatives of 311 of our business partners that was saved inside a single PC.
After confirming the leak, we contacted all business partners by email, phone or letter to express our apologies.
The infected PC has been immediately isolated from all network systems as a means to prevent secondary infection. As of today, we have not received a report of damages from any of the partners whose data was contained in the infected PC.
We also acknowledge that on December 29, 2014, there was evidence of another case of unauthorized access from an outside source, and we are continuing our investigations. The PC involved has been isolated from all networks to prevent any information leakage. There have been no reports at this point of any damages owing to the incident.

2. Regarding preventative measures
We intend to revise and strengthen our security measures and operation thereof, and enhance employee training to enforce stricter operations.