Apology and Announcement Regarding the Possible Leakage of Information Due to Unauthorized Access (2nd Report)

2021.04.23

April 23, 2021

To whom it may concern

Marubeni Power & Infrastructure Systems Corporation

Ken Muroie, President

Apology and Announcement Regarding the Possible Leakage of Information

Due to Unauthorized Access (2nd Report)

We, Marubeni Power & Infrastructure Systems Corporation (the “Company”), wish to inform you that we have discovered a new matter (information that may have been leaked) regarding the possible partial leakage of data stored on a file server used by the Company (hereinafter referred to as the "Server") due to unauthorized external access, as announced in the "Apology and Announcement Regarding the Possible Leakage of Information Due to Unauthorized Access" posted on our website on January 18, 2021.

The Server was used to store personal information and any other data. As a result of a re-investigation based on subsequent inquiries we received, it came to light that account information for other financial institutions related to our employees and employees of Marubeni Power Development Corporation, our affiliated company, was also stored on the Server. We would like to express our deepest apologies once again for any inconvenience or concern this situation may have caused.

Summary

1. Data revealed to have been stored on the Server

As stated in our "Apology and Announcement Regarding the Possible Leakage of Information Due to Unauthorized Access" dated January 18, 2021 (“1. Outline of the unauthorized access, (3) Data that had been stored in the Server, b."), as of the same date, it was found that the Server contained the "Account information of financial institutions of 117 persons who were registered as employees of the Company in and after 2018." It has now been discovered that "the financial institution account information of 401 persons who were registered as employees of the Company and Marubeni Power Development Corporation in and after 2010", including of the 117 individuals mentioned above, had also been stored on the Server.

2. Our response

In light of the nature of the information, we are again contacting each individual who was found to have had their financial institution account information stored on the Server, recommending that they change their financial institution account, etc.

3. Current status

The Company has already introduced a new system with enhanced security technology, and no suspicious access to the system has been confirmed since the introduction of this system. In addition, we have not received any reports of secondary damage such as unauthorized use of information that may have been leaked.

To prevent a recurrence of such an incident, we are working to strengthen our information security management framework. We sincerely apologize once again for the inconvenience and concern this incident has caused to everyone involved.

If you have any further questions regarding this matter, please contact us via telephone or email.

For inquiries regarding this matter, please contact:

Personnel & General Affairs Department,

Marubeni Power & Infrastructure Systems Corporation

Phone: 0120-917-559 (Office hours: 9:30-17:45, excluding weekends and holidays)

E-mail: MPSC-MADOGUCHI@marubeni-mpsc.com