18 April, AtoZForex, Lagos – The intriguing case of the Yahoo's Japanese FX brokerage operations (YJFX) information theft has taken a new turn. After the YJFX data breach, the broker took the initiative to hire an external professional to oversee an investigation into information theft. The conclusion is that no further leaks were detected. YJFX has also conducted an internal audit, in order to ensure that the issue has been fully tackled. Aside, YJFX installed the appropriate systems to fortify its security systems.
YJFX, is a subsidiary of Yahoo Japan Corporation. The firm reported a severe case of client data breach back in February. At the time, it was reported that a former employee of the firm was responsible for the theft of 180,000 items of information related to YJFX's clients. The composition of these data ranges from client names, transaction details, bank account data and more.
How the YJFX data breach evolved
Back on January 28, YJFX was notified by an external source that a data theft had occurred in its system. Due to the notification, YJFX started an investigation into the case. The investigation led to the discovery of an employee’s unauthorized removal of client information from the firm's system. After which the company immediately approached the employee at his residence. YJFX demanded the employee in question, to erase all the stolen information from all the personal devices to which he has saved it to.
YTFX ensured to identify the specific information which had been stolen during the YJFX data breach. In total it was confirmed that 185,626 pieces of information items were stolen. It was then ascertained that about 741 pieces of information were accessed by third parties. To fix the incident and prevent any further damage, the firm has decided to take a number of new measures:
- Disconnect the access of former employees to the rental server
- Confiscation of the storage device(s) used by the former employee to store the information extracted.
To prevent another YJFX data breach, the firm has also ensured to strengthen the management structure over information related to the customers. Also to fortify the online storage of the corporate network, rental server, access restrictions to other external site.
Think we missed something? Let us know down in the comments section.