[ISN] Ex-employee of firm that opened shop on Rakuten Internet mall
busted for leaking info
InfoSec News
isn at c4i.org
Thu Oct 27 03:09:55 EDT 2005
http://mdn.mainichi-msn.co.jp/national/news/20051027p2a00m0na001000c.html
Mainichi
October 27, 2005
A former employee of an imported goods company that had an on-line
shop on Rakuten's Internet mall has been arrested for leaking personal
information on a large number of customers, Tokyo police said.
Yasuhiro Hashimoto, 33, is accused of violating the anti-hacking law.
Metropolitan Police Department (MPD) investigators are grilling him,
suspecting that he stole personal information on as many as 90,000
customers.
Between May and July this year, Hashimoto used personal computers to
hack into the server computer managed by Rakuten on a number of
occasions to steal personal information on customers of the company
where he had previously worked, MPD investigator said.
He is suspected of using the ID number and password that Rakuten had
given to the imported goods company to make his hacking look as if it
was legitimate access. He also is accused of downloading personal
information on customers.
Hashimoto had resigned from the company in December last year.
It came to light in July that personal information on a large number
of customers of the imported goods company's on-line shop, including
their names, addresses, birth dates, phone numbers and 16-digit credit
card numbers, had been leaked.
The following month, Rakuten announced that 36,239 pieces of personal
information, including more than 10,000 pieces of credit card
information, had leaked to outsiders.
Police analysis of access records to the Rakuten server found that
someone had hacked into it. After tracing the route of the illegal
access, investigators tracked down the former employee.
Customers can buy goods and services at more than 10,000 on-line shops
opened on the Rakuten Internet mall. Rakuten operates the mall by
collecting fees from on-line shop operators.
More information about the ISN
mailing list