TOKYO: Japan Post Bank said Thursday that it had received about 380 complaints from customers as of Tuesday of fraudulent withdrawals amounting to some 60 million yen through its partner companies’ electronic payment services.
The number of such complaints rose from the earlier announced 137, with the total amount of money stolen increasing from 22.05 million yen.
The bank additionally counted about 150 cases reported between July 2017 and the end of 2019, as well as about 100 newly reported cases. In about two-thirds of the past cases, the bank has yet to compensate affected customers for their losses.
Electronic payment services provided by seven companies, including NTT Docomo Inc.’s “Docomo Koza” service and a SoftBank Corp. <9434> affiliate’s PayPay service, were hacked.
At a press conference in Tokyo on Thursday, Japan Post Bank President Norito Ikeda apologized for being slow to disclose the fraud cases, which date back as early as three years ago.
“If we responded quickly, we could have limited depositors’ losses to the bare minimum,” Ikeda said. “Our risk awareness was extremely low.”
Aiming to finish paying compensation next month by confirming who are victims and how much was stolen from each victim’s account, the bank run newspaper advertisements the same day calling on its customers to see if their accounts were breached. It will also ask via email about 5.5 million customers using the partner companies’ electronic payment services to review their transactions.
A task force to be set up directly under the bank chief will carry out full-fledged security checks on cashless payment services by the end of October.
Separately, the bank found that its Mijica debit card service has been used to steal 3.32 million yen from 54 customers’ accounts. It plans to compensate for the losses by the end of this month.
To prevent fraudulent money transfers to Japan Post Bank accounts, the bank has decided to require applicants for new accounts to submit identification documents with their face photos.
It has come to light that SBI Securities Co.’s customer accounts were hacked and gains from securities transactions via the accounts were transferred to accounts opened at the bank by someone, or some people, pretending to be the SBI Securities customers.