National Astronomical Observatory of Japan

Loss of USB flash drive

On Sunday, April 17, 2022, an employee of the National Astronomical Observatory of Japan (NAOJ), National Institutes of Natural Sciences (NINS), lost a USB flash drive that contained personal information.
I deeply apologize for any inconvenience this situation may have caused to all parties involved.

We have been searching for the USB flash drive since the incident was discovered, however, we have not found it at this point in time.
And also at this time, we have not confirmed any damage such as unauthorized use of personal information as a result of this matter. However, we have sent an explanation and apology to those whose personal information may have been leaked by means of Specified Recorded Mail (for those whose addresses are known) and email.

NINS takes this incident very seriously, and in addition to implementing measures to prevent recurrence of such an incident, we will ensure that our employees are thoroughly informed about the proper handling of personal information and other sensitive information in order to prevent a recurrence.

Teruo Furuya
Chief Information Security Officer

1. Incident

On Friday, April 15, 2022, an employee of NAOJ, NINS, noticed the loss of a USB flash drive that he kept in a desk drawer in the office, and on Sunday, April 17, 2022, the employee reported about the loss.
The USB flash drive was loaned from NINS and was not encrypted, and the storage drawer was unlocked. The last time the USB flash drive was checked was on Friday, November 26, 2021.

2. Personal information stored on USB flash drive

The USB flash drive stored information such as meeting materials of NINS and application documents related to employee recruitment, and upon closer examination, it is possible that the personal information of up to 1,048 people was leaked.

3. Prevention measures against recurrence

The Chief Information Security Officer will provide guidance to the employee concerned to ensure compliance with the Information Security Policy and other relevant policies.
In addition, we will take measures such as providing training to all executive officers and employees, preparing manuals for handling external electromagnetic recording media, and preparing flash drives that are compatible with information encryption as a corporation.

For inquiries regarding personal information that may have been leaked

Other inquiries regarding this matter
Information Security Office, NINS
TEL: 03-5425-2038
FAX: 03-5425-2049