Tokyo Disney Resort News
Report on Leaked Guest Information Released
March 16, 2005
Investigation of the Leak of Tokyo Disney Resort Guests of Personal Information And Newly Implemented Security Measures
On January 4, 2005, with the aim of preventing fraud or other damages against its guests as its
highest priority and to report the incident to the authorities, Oriental Land Co., Ltd. announced
that there had been a possibility of the leak of personal information pertaining to past and
present holders of Tokyo Disneyland and Tokyo DisneySea Annual Passports. The company immediately
established a special committee headed by Oriental Land Co president Toshio Kagami, which began
a detailed investigation into the causes of the incident. The results of that investigation are
listed below, as well as the new security measures that have been or will be implemented by the
company to forestall further such occurrences.
I. Processes and Results of the Investigation
Step 1 - Investigating the possibility the Passport holders of personal information had been
acquired by "Meibo-gaisha" or companies which purchase and sell individuals of private information.
Results - After acquiring some sample data from a Meibo-gaisha and verifying that the information
contained therein matched Oriental Land's own data, the committee concluded that there had indeed
been a leak of the annual Passport holders' personal information.
Outline of conclusions regarding the extent of the personal information leak:
Based on these results, the following investigations were carried out:
- Probable number of people affected: 121,607 (Annual Passport holders during the period October 2000 - December 2004)
- Types of information leaked: names, addresses, telephone numbers, birthdays, sex, and annual passport numbers and expiration dates.
- Time or period of leak: undetermined.
Step 2 - Evaluation of Oriental Land Co.'s Annual Passport Information Structure
Given the four possible routes above for information to leak out, the committee proceeded to
attempt to trace the leak through the two routes it deemed to be the likeliest source of the
leak, "route b" and "route d."
- The possibility of a leak occurring through hacking or other external (internet-based) attacks
Results - Reconfirmed that the data in question is located on internal servers within the company, and that these servers cannot be accessed by external (internet) sources.
- The possibility of a leak occurring through the internal network
Results - Access to this information is limited to the persons in charge of projects that use this data and the system engineers who oversee the companyfs information technology infrastructure. The committee therefore concluded that someone from one of these two groups could be responsible for the leak.
- The possibility of a leak occurring through the Annual Passport Sales Windows
Results - Due to existing security measures, such as security cameras and work procedures prohibiting employees from working alone, the committee concluded that it was improbable that a leak could occur in these areas.
- The possibility of a leak occurring through means other than those listed above
Results - Direct mail companies used by Oriental Land Co. to send information to Annual Passport holders are given information on a need to know basis. Therefore, it is possible that a leak could occur through one of these companies.
Step 3 - Investigation of the data management system's flow of information and related persons, including:
Results - The above investigations were carried out to the fullest extent possible within the
company and focused mainly on questioning relevant personnel. However, due to a lack of
information in the internal network log, the specific source of the leak could not be determined.
- Confirmation of the existing information flow for Annual Passport holders' personal information with related departments (Marketing Department, Operations Department and IT Promotion Division).
- Investigation of persons in charge of projects involving the data in question as well as their management.
- Investigation of system engineers who oversee the company's information technology infrastructure.
- Investigation of direct mail companies used by Oriental Land Co. who were given access to the data in question.
The Special Committee's Conclusion
Though Oriental Land Co. acknowledges the fact that the personal information in question was
indeed leaked from our company, the person or persons responsible could not be identified, nor
could the methods they used be discovered. Furthermore, as the committee has judged that further
investigation would fail to reveal any new results, it must regretfully close its internal
II. Plans for Preventing a Recurrence
Policies and Organization
Note: In addition to conducting meetings to explain the current regulations for protecting
personal information to all employees of Oriental Land Co., a new set of regulations was
established on January 1 and communicated to management in all departments of Oriental
Land Co. and the other companies in the OLC Group. Explanations of these new regulations will
also be conducted for all employees and their content and reasoning thoroughly disseminated. In
order to prevent a recurrence of this incident, it has been deemed necessary to elevate awareness
of these matters in all employees and elicit their cooperation to the fullest possible extent.
- A special Information Security Committee was established on March 1 with the goal of protecting and managing the information assets of the OLC Group and its information management systems.
- The "OLC Group Information Security Policy" will be established in late March in order to set concrete guidelines for information management, how information assets should be dealt with by employees of the OLC Group, etc.
Technology and Information Systems
Both of these security measures are due to be completely implemented by late March.
- All computers which have access to the company's internal network (about 4000 PC's) as well as the servers which handle personal information within the network will be improved with greater observation over how they are used. Access and operation logs will be created for the protection of said data.
- Access to personal data on the internal network by system engineers will be severely restricted to only those whose work duties make it absolutely necessary.
III. Apologies To Our Guests
- Security checks of personal belongings at the company gates will be improved.
- Evaluations for security clearance will be made more stringent.
A letter of apology will be sent to all 121,607 guests affected by the leak of their personal
information, along with the results of our internal investigations. Also, we will include a
shopping voucher worth ¥500 as a small gesture of our regret. We hope to be able to prepare
and post these letters by early April.
IV. Our Responsibilities
As an acknowledgement of responsibility for the lack of preparation which led to this incident,
Oriental Land Co. president Toshio Kagami will take a 10% reduction in salary for 3 months.
Furthermore, other executives deemed to have responsibility in this affair will receive similar
The leak of their personal information caused the affected 121,607 persons enormous distress,
and Oriental Land Co. sincerely apologizes for this. We appreciate the valuable information
and opinions we received from all our guests regarding this incident.
We believe that the only way to regain our guests' trust is to never let a leak of their
personal information occur again. We will not simply rest on our new preventative measures,
but from now on seek with our utmost ability to raise awareness about the need to protect
personal information within our company, while striving to constantly improve upon existing
For guest inquiries, please call:
Tokyo Disney Resort Guest Relations Center Special Hotline
Dates: March 16 through 28, 2005
Hours: 9:00 a.m. to 10:00 p.m.
Phone #: 0120-996-055 (toll free call - calls from cellphones accepted)
From March 29, guests may call Tokyo Disney Resort Guest Relations Center at 047-310-0733.
-- Source: Oriental Land Company release