June 14, 2016
Re: Occurrence of Unauthorized Access
To JAPANiCAN Members:
We wanted to make you aware of unauthorized access to a JTB Corp. server.
The details of the unauthorized access are as follows:
1. We have confirmed that the unauthorized access to the server occurred in mid-March 2016. We began investigating the incident as soon as we learned of it, and we have taken action by severing the communications link with the unapproved source.
2. Since then we have worked closely with specialist investigators who conducted a thorough examination into this unauthorized access, and they have reported to us there is a possibility that certain types of personal information relating to customers that purchased accommodation packages (NOT including any tour packages) via the website “JAPANiCAN.com” may have been accessed. However, we can assure you that credit card information is NOT stored on the affected server, and we have not received any reports whatsoever of damage to any customers due to this event. Therefore, we are writing to you now merely to inform you of this occurrence and to express to you our apologies.
3. The privacy and protection of our customers’ information is a matter we take very seriously and we have worked swiftly to resolve this incident. To help reduce the risk of any future unauthorized access, we are cooperating with independent professional security experts to further strengthen the integrity of our servers.
As always, your trust is a top priority for JTB Corp., and we deeply regret any concern or inconvenience this may have caused. We will continue to endeavor to provide the safest and most reliable and most enjoyable journeys for our customers, at the best prices we can offer. Thank you again for your continued patronage. We appreciate your support!
If you have any questions regarding this matter, please do not hesitate to contact us.
For service in English, please write to us at: firstname.lastname@example.org
Following the incident of unauthorized access to our server, there has been an increase in spoof emails from third parties disguising themselves as JTB Corp. It has also been confirmed that similar spoof websites exist. It is possible that these spoofing mechanisms could be used to redirect users to malicious phishing sites. Under these circumstances, we would like you to be cautious of the following:
1.) Under no circumstances whatsoever will staff members from JTB Corp. ask our customers for details relating to email addresses, telephone numbers, credit card details, ID or passwords.
2.) We do not send emails with file attachments.
3.) Emails sent from JTB Corp. will never ask you to access sites outside of JAPANiCAN’s official website(http://www.japanican.com/).