フィッシング・メール被害に関するお知らせとお詫び
2018年6月11日
English follows Japanese.
フィッシング・メール被害に関するお知らせとお詫び
(2)漏えいした可能性がある情報
当該2名のメール・ボックスに、平成30年5月31日の13時までに保存されていたメール、アドレス帳、スケジュールが、当該2名のアプリケーションのIDおよびパスワードを盗んだ者に見られた可能性がございます。
Announcement: Leaks of personal information due to phishing emails.
Dear our valued business partners,
On May 31, 2018, one of our employees of our company received a phishing mail from an attacker who disguised oneself as one of our business partners. The employee entered his own application ID and password at the phishing site. On the same day, it was confirmed that the attacker who disguised oneself as the employee and sent phishing e-mails to some of our employees and some of our business partners and personal and other information of our employees and our business partners was leaked.
(The information, however, on those who are our funds' investors or My Page registered users is not included in the leaked information.)
Immediately after this discovery, we locked the accounts of the attacked employees and changed the password. Later, in order to prevent the damage from spreading, we locked the accounts of all employees, and sequentially unlocked the accounts which we confirmed that there was no damage.
As of June 10, 2018, new leaks are not confirmed.
Development and Information that may have been leaked:
Information that may have been leaked
The e-mails and the address books and schedule saved as of May 31, 2018, 13:00 in the mail boxes of the attacked employees may have been seen by the attacker who stole their IDs and passwords of the application.
Contact with those whose private information may have been leaked.
We e-mailed those whose private information may have been leaked. In the e-mail, we explained the event in which their personal information may have been leaked and apologized.
At the same time, we asked them to be aware of suspicious e-mails that deceive our officials.
Recurrence prevention
・We will formulate internal rules for phishing fraud.
・We will strengthen our security measures training and will endeavor to thoroughly manage information security measures.
We will make every effort to ensure that the same event will not occur in the future. We will further strengthen our employee education program on information security, improve our technical capabilities and strengthen our information security systems.
We sincerely apologize again for causing inconvenience to our business partners and other related parties.
Tomoyuki Sugiyama
C.E.O.
Crowdcredit, Inc.
June 11, 2018