Emerging risks | Growth Opportunities | APAC Insurance

Monday, July 13, 2026

Insight by…

Insight by type

Over 2 million customer records leaked in Japan seconded employee data breaches: Report

Japan's non-life insurers set to report to Financial Services Agency within the week over significant unauthorised sharing of rival data.
Over 2 million customer records leaked in japan seconded employee data breaches report  rein asia
August 28, 2024

 • 

3 min read
The Inaugural Recognising excellence in Asia's insurance industry Find out more Entries close
28 August

(Re)in Summary

• Sources say an estimated 2 to 3 million customer records have been leaked by seconded employees of Japan’s big four property and casualty insurers.
• The breach involves seconded employees at independent agencies sharing customer data with their own companies.
• There are concerns the information, which includes names, policy details, and premium amounts, was being leaked to gain sales insights on competitors.
• Japan’s Financial Services Agency has raised concerns about lax information practices, with big four insurers set to report findings to the watching this week.
• The FSA will review reports with insurers facing further scrutiny and potential penalties, following a year of incidents and scandals.

An estimated 2 to 3 million customer records have been leaked in a significant data breach involving seconded employees from Japan’s big four property and casualty insurers, sources close to the matter disclosed on Tuesday.

The data leak involved seconded employees of insurers posted at independent agencies, such as car dealerships, who intentionally leaked contract information from other insurers to their own companies.

There are suspicions that the leaked data has been used for sales purposes and to gain insight into competitors’ trends. The breach has added to existing concerns about lax information management practices within the industry.

The leaked information, which involved Japan’s major non-life insurers: Tokio Marine & Nichido Fire, Sompo Japan, Mitsui Sumitomo, and Aioi Nissay Dowa—is said to comprise customer names, insurance policy numbers, insurance types, maturity dates, and premium amounts, reported the Mainichi.

The four companies initially disclosed the breach in May. However, more details of the breach are now coming to light. The insurers are set to report details to Japan’s financial watchdog within the week, with the agency looking to review reports in consideration of implementing specific measures to prevent a recurrence.

The FSA directive is the latest in a challenging year for Japan’s non-life insurers amid heightened scrutiny over their operational practices.

In February, Sompo Japan Chairman Keiji Nishizawa resigned following a fraudulent insurance scandal involving used-car dealer Bigmotor.

All four major non-life insurers have also faced scrutiny for colluding to fix prices for corporate policies. Site inspections conducted by the FSA and Fair-trade Commission led to business improvement orders requiring operational improvements and other penalties.

In May, the four major non-life insurers admitted to sharing policy information of motor customers. In June, Sompo was again under fire after an investigation uncovered it had prearranged premiums with other non-life insurers for 385 corporate clients.

In response to the series of incidents, Keisuke Niiro, Chairman of the General Insurance Association of Japan, said in his one-year address, “Restoring trust has been [the industry’s] most urgent issue. We are only halfway to restoring society’s trust in our industry. We must work tirelessly to quickly develop an appropriate competitive environment and ensure discipline in our activities.”

The Inaugural Recognising excellence in Asia's insurance industry Find out more Entries close
28 August