On the 29th, it was discovered that unauthorized access from an external source had been made to Hankyu Hanshin Department Store's shopping site, "Hankyu Hanshin Online Shopping," resulting in the viewing of member information using the shopping site. Mitsukoshi Isetan also announced a similar incident of unauthorized access on the 25th, and external attacks on department store e-commerce sites are beginning to show signs of developing into a serious social problem.
According to an announcement by Hankyu Hanshin Department Store, on the 13th, a large number of access errors were confirmed on the company's shopping site, "Hankyu Hanshin Department Store Shopping Site," and an investigation was launched. The following day, it was confirmed that unauthorized access had been made from an unauthorized IP address, and that personal information of customers using the shopping site had been viewed. The shopping site was immediately shut down and access from the IP address in question was blocked. After strengthening its monitoring system, the company says that no further unauthorized access has been confirmed.
The investigation confirmed that unauthorized access had occurred prior to the 13th, with up to 2,382 pieces of member information (name, address, phone number, date of birth, gender, email address, security password) being viewed, and it is possible that credit card numbers and expiration dates for 1,360 pieces of member information were also viewed. However, there is no evidence that IDs or passwords have been leaked from the company, and there has been no confirmed fraudulent use of cards or financial damage to date.
According to an announcement by Hankyu Hanshin Department Store, on the 13th, a large number of access errors were confirmed on the company's shopping site, "Hankyu Hanshin Department Store Shopping Site," and an investigation was launched. The following day, it was confirmed that unauthorized access had been made from an unauthorized IP address, and that personal information of customers using the shopping site had been viewed. The shopping site was immediately shut down and access from the IP address in question was blocked. After strengthening its monitoring system, the company says that no further unauthorized access has been confirmed.
The investigation confirmed that unauthorized access had occurred prior to the 13th, with up to 2,382 pieces of member information (name, address, phone number, date of birth, gender, email address, security password) being viewed, and it is possible that credit card numbers and expiration dates for 1,360 pieces of member information were also viewed. However, there is no evidence that IDs or passwords have been leaked from the company, and there has been no confirmed fraudulent use of cards or financial damage to date.
