An estimated 2m to 3m customer records were leaked in a data breach involving Japan's four leading property and casualty insurers, Kyodo News Agency reported, citing sources close to the matter.
The four insurers are Tokio Marine & Nichido Fire Insurance, Sompo Japan Insurance, Mitsui Sumitomo Insurance, and Aioi Nissay Dowa Insurance.
Information leaked from the four insurers included customer names, insurance policy numbers, insurance types, maturity dates, and premium amounts.
The incident has raised concerns over lax information management practices prevalent in the industry, with suspicions that some of the leaked data may have been used for sales purposes.
The four companies that disclosed the breach in May are to report details to Japan's financial watchdog within the week. The agency will review the reports to consider specific measures to prevent a recurrence.
The leaks come on the heels of a recent series of scandals exposing industry-wide compliance issues, including insurance fraud by used car chain Bigmotor Co and collusion over insurance premiums for corporate customers and government agencies.
The data leak revolved around independent agents, such as car dealerships, that handle products from several insurance companies. It was discovered that employees of insurers posted at independent agencies intentionally leaked contract information from other insurers to their own companies, possibly to gain insight into competitors' sales trends.
Numerous cases also revealed issues with information oversight at the agencies. When agency headquarters sent emails containing contract information for a particular insurer within their outlets, employees of other insurers ended up being included as recipients.
Insurers are required to supervise agencies, but they did not see the leaks as problematic and failed to stop the practice.