Japan Post Holdings is in hot water yet again, this time for its postal service losing documents containing financial transaction data for thousands of its customers.
The postal, insurance and banking operator is said to have lost data on at least 67,000 individuals, across around 5,700 post offices in Japan, according to a report by the Mainichi Shimbun.
The issue surfaced after Japan Post Bank, the group’s banking arm, launched an investigation in October 2020. It initially found that four post offices had lost intermediary records containing personal information on 318 clients. A few months later, it expanded the investigation nationwide, leading to the discovery of thousands of breaches.
The missing records included information such as clients' names and Japan Post Bank account numbers. Company rules state that such records must be kept for 10 years after the transactions.
In its response, Japan Post told the Mainichi Shimbun that the records may have been discarded by mistake, and that it is unlikely that the information would leak to a third party.
“We will put renewed efforts into making sure that thorough measures are taken to properly handle information,” Japan Post said.
Japanese law states that intermediary records must be created and kept for transactions regarding financial products. However, the report, citing insider sources, said that no records were created at all for some cases.
The Ministry of Internal Affairs and Communications and the Financial Services Agency (FSA) have been informed about the issue, and plan to issue an administrative directive after gathering information and reports from all concerned parties.
The Japan Post group has been quite controversial in recent years, having been embroiled in a predatory sales scandal in 2019, involving unethical practices when selling insurance products. This led to the group being ordered to temporarily halt sales of insurance, while several officials resigned. Penalties were also handed out to numerous employees.
In September 2020, Japan Post Bank was found to have been targeted by illicit money withdrawals involving virtual wallet services.