By FUMIKO KURIBAYASHI/ Staff Writer
September 17, 2020 at 17:02 JST
Japan Post Bank Co.’s sign (Asahi Shimbun file photo)
Japan Post Bank Co. said on Sept. 16 it confirmed 18.11 million yen ($172,335) was stolen this year from customer accounts in 109 cases where thieves exploited security weaknesses in electronic payment services.
Thieves stole funds from accounts at 11 banks across Japan by manipulating NTT Docomo Inc.’s electronic payment system and other similar services, which were tied to customers’ bank accounts.
Japan Post Bank said 15.46 million yen was stolen through Docomo e-payment accounts, accounting for 60 percent of the total losses from 11 banks.
Susumu Tanaka, executive vice president of Japan Post Bank, apologized for the account breaches at a news conference on Sept. 16.
“If you check your account history and discover transactions you do not remember making, please contact us,” he said.
The Asahi Shimbun discovered the illicit withdrawals from the bank stemmed from seven e-payment services, including Docomo, Merpay and Line Pay.
Officials believe a spate of illicit withdrawals occurred after someone created fraudulent accounts for various electronic payment services by assuming the identities of bank customers. Then they siphoned funds from the customers’ bank accounts by transferring money into the e-payment accounts.
Cash was stolen from bank customers even if they did not sign up for or use those e-payment services themselves.
It is believed NTT Docomo and Japan Post Bank suffered more damage from the scam than the other affected businesses because their systems lacked a key security backstop, making them particularly vulnerable.
Docomo’s online payment service accounts did not use a two-step verification system, which is used by many payment service operators as an extra layer of security.
In addition, Japan Post Bank did not adopt that system when e-payment accounts were linked to the bank.
Japan Post Bank said it plans to compensate all the losses of victims in cooperation with NTT Docomo and the other compromised electronic-payment service operators.
The bank said it has halted the process to link new accounts of 10 electronic payment services to customer bank accounts. It has also blocked money transfers from bank accounts to the 10 electronic payment services to prevent further thefts.
Here is a collection of first-hand accounts by “hibakusha” atomic bomb survivors.
A peek through the music industry’s curtain at the producers who harnessed social media to help their idols go global.
Cooking experts, chefs and others involved in the field of food introduce their special recipes intertwined with their paths in life.
A series based on diplomatic documents declassified by Japan’s Foreign Ministry
A series about Japanese-Americans and their memories of World War II