Cyber Security Cloud, Inc. Ltd. (Headquarters: Shibuya-ku, Tokyo; Representative Director, President and CEO: Toshihiro Koike; hereinafter referred to as "our company") announced that from October 1, 2020 to September 30, 2021, unauthorized access We will announce a research report comparing personal information leakage incidents with a damage scale of 1,000 or more and less than 1 million by industry.

In this survey, a total of 78 cases were targeted, and based on the information of the companies that disclosed the incidents of personal leakage, manufacturers, retailers, service/infrastructure, software/communications, trading companies, finance, advertising/publishing/mass media, and government agencies・Classified into eight industries: public corporations and organizations.

■ Continuing from 2020, there are many damage cases in the “service/infrastructure” and “retail” industries
Of the 78 cases of personal information leakage due to unauthorized access that occurred during the period covered by this survey, 18 cases each occurred in the "services/infrastructure" and "retail" industries. In addition, for the top three industries with the highest number of information leaks (“services/infrastructure,” “retail,” and “manufacturer”), we conducted a survey in 2020 under the same conditions as in In the “Survey Report on Incidents of Personal Information Leakage Due to Access” (hereinafter referred to as the “2020 Survey”), “Retail” ranked first (24.0%) and “Service/Infrastructure” ranked second (22.0%). There were no changes.

■ Approximately 80% of the damage is unlisted companies, especially companies in the retail industry that do not have security measures, be careful
Calculating the percentage of cases where information was leaked from listed companies (including group companies) among the cases subject to investigation, we found that about 80% of the companies where incidents occurred were unlisted companies, and about 20% were listed companies. have become.

Comparing incidents that occurred at unlisted companies in the three industries of "services/infrastructure," "manufacturers," and "retail," where there were many incidents of information leaks, "retail" had the highest number of incidents, and more than 80% of the incidents were unlisted. It turned out to be happening in the company.

■Consideration
Looking at the results of this survey by industry, "services/infrastructure" and "retail" are high, and it is thought that the number of service users has increased due to the impact of the new corona, and the number of service users has increased. According to a survey (*1) released by the Ministry of Economy, Trade and Industry in July 2021, the size of the e-commerce market in Japan for consumers and between companies in 2020 will be 19.3 trillion yen compared to the previous year. 19.4 trillion yen, down 0.43% year-on-year), but the market size for travel services, food and drink services, and ticket sales has shrunk significantly, while the product sales and digital fields have shrunk. expanded significantly.
In this way, more and more companies are rapidly shifting from face-to-face business to online and digital, and cyber attacks are also increasing and diversifying. Even new entrants are targeted by cyberattacks, and if they suffer damage from unauthorized access, they will not only suffer damage to their brand and loss of credibility, but also unexpected expenses to investigate the damage, and in some cases, You may also be liable for damages. Furthermore, the amended Act on the Protection of Personal Information will come into effect on April 1, 2022, and it can be said that companies are being forced to review their cybersecurity measures.

*1 Source: Ministry of Economy, Trade and Industry 2020 Industrial Economy Research Commissioned Project (Market Research on Electronic Commerce)

<Survey overview>
-Survey period: October 1, 2020 to September 30, 2021
-Survey target: Incidents of personal information leaks with a scale of 1,000 or more and less than 1,000,000 cases (78 cases) related to unauthorized access to corporations and organizations announced by the above period
-Research method: Cyber Security Cloud research

[About Cyber Security Cloud, Inc.]
Company name: Cyber Security Cloud, Inc.
Location: VORT Ebisu maxim 3F, 3-9-19 Higashi, Shibuya-ku, Tokyo 150-0011 Representative: Toshihiro Koike Representative Director, President and CEO
Established: August 2010
URL: https://www.cscloud.co.jp/