Main Page  |  Tokyo Disneyland  |  Tokyo DisneySea  |  Disney Resort Line  |  Iro Iro  |  Information  |  Donate
Information Main Page > Tokyo Disney Resort News

main logo
main info logo

Tokyo Disney Resort News

Report on Leaked Guest Information Released

March 16, 2005

Investigation of the Leak of Tokyo Disney Resort Guests of Personal Information And Newly Implemented Security Measures

On January 4, 2005, with the aim of preventing fraud or other damages against its guests as its highest priority and to report the incident to the authorities, Oriental Land Co., Ltd. announced that there had been a possibility of the leak of personal information pertaining to past and present holders of Tokyo Disneyland and Tokyo DisneySea Annual Passports. The company immediately established a special committee headed by Oriental Land Co president Toshio Kagami, which began a detailed investigation into the causes of the incident. The results of that investigation are listed below, as well as the new security measures that have been or will be implemented by the company to forestall further such occurrences.

I. Processes and Results of the Investigation

Step 1 - Investigating the possibility the Passport holders of personal information had been acquired by "Meibo-gaisha" or companies which purchase and sell individuals of private information.

Results - After acquiring some sample data from a Meibo-gaisha and verifying that the information contained therein matched Oriental Land's own data, the committee concluded that there had indeed been a leak of the annual Passport holders' personal information.

Outline of conclusions regarding the extent of the personal information leak:
  1. Probable number of people affected: 121,607 (Annual Passport holders during the period October 2000 - December 2004)
  2. Types of information leaked: names, addresses, telephone numbers, birthdays, sex, and annual passport numbers and expiration dates.
  3. Time or period of leak: undetermined.
Based on these results, the following investigations were carried out:

Step 2 - Evaluation of Oriental Land Co.'s Annual Passport Information Structure

  1. The possibility of a leak occurring through hacking or other external (internet-based) attacks

    Results - Reconfirmed that the data in question is located on internal servers within the company, and that these servers cannot be accessed by external (internet) sources.

  2. The possibility of a leak occurring through the internal network

    Results - Access to this information is limited to the persons in charge of projects that use this data and the system engineers who oversee the companyfs information technology infrastructure. The committee therefore concluded that someone from one of these two groups could be responsible for the leak.

  3. The possibility of a leak occurring through the Annual Passport Sales Windows

    Results - Due to existing security measures, such as security cameras and work procedures prohibiting employees from working alone, the committee concluded that it was improbable that a leak could occur in these areas.

  4. The possibility of a leak occurring through means other than those listed above

    Results - Direct mail companies used by Oriental Land Co. to send information to Annual Passport holders are given information on a need to know basis. Therefore, it is possible that a leak could occur through one of these companies.
Given the four possible routes above for information to leak out, the committee proceeded to attempt to trace the leak through the two routes it deemed to be the likeliest source of the leak, "route b" and "route d."

Step 3 - Investigation of the data management system's flow of information and related persons, including:
  • Confirmation of the existing information flow for Annual Passport holders' personal information with related departments (Marketing Department, Operations Department and IT Promotion Division).
  • Investigation of persons in charge of projects involving the data in question as well as their management.
  • Investigation of system engineers who oversee the company's information technology infrastructure.
  • Investigation of direct mail companies used by Oriental Land Co. who were given access to the data in question.
Results - The above investigations were carried out to the fullest extent possible within the company and focused mainly on questioning relevant personnel. However, due to a lack of information in the internal network log, the specific source of the leak could not be determined.

The Special Committee's Conclusion

Though Oriental Land Co. acknowledges the fact that the personal information in question was indeed leaked from our company, the person or persons responsible could not be identified, nor could the methods they used be discovered. Furthermore, as the committee has judged that further investigation would fail to reveal any new results, it must regretfully close its internal investigation.

II. Plans for Preventing a Recurrence

Policies and Organization
  • A special Information Security Committee was established on March 1 with the goal of protecting and managing the information assets of the OLC Group and its information management systems.
  • The "OLC Group Information Security Policy" will be established in late March in order to set concrete guidelines for information management, how information assets should be dealt with by employees of the OLC Group, etc.
Note: In addition to conducting meetings to explain the current regulations for protecting personal information to all employees of Oriental Land Co., a new set of regulations was established on January 1 and communicated to management in all departments of Oriental Land Co. and the other companies in the OLC Group. Explanations of these new regulations will also be conducted for all employees and their content and reasoning thoroughly disseminated. In order to prevent a recurrence of this incident, it has been deemed necessary to elevate awareness of these matters in all employees and elicit their cooperation to the fullest possible extent.

Technology and Information Systems
  • All computers which have access to the company's internal network (about 4000 PC's) as well as the servers which handle personal information within the network will be improved with greater observation over how they are used. Access and operation logs will be created for the protection of said data.
  • Access to personal data on the internal network by system engineers will be severely restricted to only those whose work duties make it absolutely necessary.
Both of these security measures are due to be completely implemented by late March.

Physical Security
  • Security checks of personal belongings at the company gates will be improved.
  • Evaluations for security clearance will be made more stringent.
III. Apologies To Our Guests

A letter of apology will be sent to all 121,607 guests affected by the leak of their personal information, along with the results of our internal investigations. Also, we will include a shopping voucher worth ¥500 as a small gesture of our regret. We hope to be able to prepare and post these letters by early April.

IV. Our Responsibilities

As an acknowledgement of responsibility for the lack of preparation which led to this incident, Oriental Land Co. president Toshio Kagami will take a 10% reduction in salary for 3 months. Furthermore, other executives deemed to have responsibility in this affair will receive similar salary reductions.

The leak of their personal information caused the affected 121,607 persons enormous distress, and Oriental Land Co. sincerely apologizes for this. We appreciate the valuable information and opinions we received from all our guests regarding this incident.

We believe that the only way to regain our guests' trust is to never let a leak of their personal information occur again. We will not simply rest on our new preventative measures, but from now on seek with our utmost ability to raise awareness about the need to protect personal information within our company, while striving to constantly improve upon existing security procedures.

For guest inquiries, please call:

Tokyo Disney Resort Guest Relations Center Special Hotline
Dates: March 16 through 28, 2005
Hours: 9:00 a.m. to 10:00 p.m.
Phone #: 0120-996-055 (toll free call - calls from cellphones accepted)
From March 29, guests may call Tokyo Disney Resort Guest Relations Center at 047-310-0733.

-- Source: Oriental Land Company release

Return to the Resort News page.

small logo © JTC Enterprises. This site is not officially associated nor endorsed by
Walt Disney Company or Oriental Land Company or their affiliates. Disclaimer Contact