On March 18, 2025, Japan Post announced alarming findings concerning the illegal use of customer information from Yucho Bank, which has significantly expanded to approximately 10 million people—a dramatic increase from the previously reported 1.55 million. This breach involves the violation of both the Insurance Business Act and the Banking Act, leading the Financial Services Agency to issue a report request order the same day.
Since October 2024, when the initial number was announced, the situation deteriorated as investigations revealed extensive illegal practices within postal offices. Specifically, staff had been using customer savings information to create targeted lists for marketing financial products without obtaining consent. This tactic was not only ethically questionable but also legally indefensible, creating grounds for considerable backlash from regulators.
Previously, it was reported about 1.55 million customers had their information misappropriated for sales related to Kampo Life Insurance. Still, upon fresh inquiry, this figure has now exploded with the inclusion of 7.75 million customers targeted for investment trust sales and another 520,000 for government bond sales. There were also admissions of 160,000 additional customers whose data was mishandled for other insurance products. These figures indicate the serious breadth of the misconduct, potentially dating back to as far as February 2014.
Japan Post officials indicated during a press briefing led by Executive Officer Mina Kazuki Ichiki, "We sincerely apologize for the anxiety and concern this has caused." He acknowledged the flaws within the corporation, emphasizing the industry’s need for significant reform to restore public trust. The organization affirmed it would take proactive measures to prevent such occurrences again. They also outlined plans for developing more stringent systems to verify customer consent for future transactions.
Compounding the issue, it was discovered additional insurance solicitation had taken place prior to obtaining necessary regulatory approvals for cheaper whole life insurance products released by Kampo Life. This negligence was deemed another breach of the law, leading authorities to initiate more extensive investigations. On the same day, Japan Post Holdings also revealed they would be reducing the salaries of 14 executives involved, including President Tetsuya Chida—whose pay will be cut by 30% for three months—as a means of holding management accountable.
Other executives, including those from Japan Post Holdings and Kampo Life, will receive salary reductions of 25% and 20%, respectively, for the same duration. Chida stated, "We bear considerable responsibility and will reflect deeply on this issue moving forward.” Decisions about compensation for these executives were taken to clarify management accountability and signal serious internal repercussions for the corporation’s failures.
This incident has highlighted as well the systemic governance failures within Japan Post Holdings, marking yet another chapter of sagging trust. Customers may question how their personal, often sensitive information might be handled within such large organizations, and whether sufficient safeguards against unauthorized access were ever adequately enforced. Critics say these mishandlings shine light on long-standing issues within the company’s culture, which they fear prioritize business results over ethical standards.
Initially made public last year, the customer data misuse was primarily aimed at bolstering sales for Kampo Life Insurance products. Still, as auditors dug through documentation, it became increasingly clear the misappropriation of customer financial data stretched far wider, including more extensive portfolios and product lines. Such oversight exposes Japan Post’s corporate governance weaknesses, deteriorated during the privatization transition established back in 2007.
Regulatory bodies such as the Financial Services Agency have placed Japan Post under intense scrutiny, demanding regular updates to monitor the situation. Executives have been tasked with reviewing both internal practices around data management and sales strategies moving forward. They will have to address whether the trust of millions of customers can be restored and if policies enacted will genuinely prevent future transgressions.
Judging from the public and official response, it is evident Japan Post faces considerable pressure not only to recover its market position but to protect its customers and the integrity of the banking system as well. The organization's reputational damage is immediate, positioned against the backdrop of rising expectations for transparency and accountability within financial institutions.
Indeed, the current alarm extends beyond the immediate fallout of the customer data breach. It raises practical questions about the adequacy of oversight by government agencies, the effectiveness of current regulations, and how large corporations manage sensitive customer data. Whether measures put forth after this scandal will be effective remains to be seen; all eyes are on Japan Post as they must undertake rigorous attempts to cleanse the public’s perception and re-establish trust with their customers. Japanese consumers have long valued security and integrity from their financial institutions; this latest incident will test these bonds of trust, highlighting the need for sensitivity in handling personal information.
