From Aoki Holdings in Japan, this updated statement of January 28, 2025:
AOKI Holdings Inc. sincerely apologizes to customers and others for the concerns and problems caused by the cyberattack that was announced on January 21, 2025. It has been confirmed that unauthorized access occurred on the servers of KAIKATSU FRONTIER Inc., one of our subsidiaries, potentially resulting in a data breach involving some customer personal information
AOKI Holdings and KAIKATSU FRONTIER are continuing to investigate the incident and responding as
needed. Newly discovered information about this incident is as follows.At this point, the investigation has not discovered any stolen personal information or secondary damages.
Potentially affected subjects and stolen personal information
Subjects:
- KAIKATSU CLUB members (Some of the individuals who became members between October 1,
2015 and January 20, 2025)- KAIKATSU CLUB provisional members (Some of the individuals who became members between
March 25, 2019 and January 20, 2025)- FiT24 members and FiT24 Indoor Golf members (Some of the individuals who became members
between October 30, 2018 and April 1, 2023)Personal Information:
Full name / full name in Katakana, gender, postal code, address, phone number, birth date, membership numbers, membership type, membership status, current points balance and expiration date, shop code, the most recent transaction date and time, barcode, push notification request, coupon message
Personal information records: 7,290,087
Additional information can be found at Aoki Holdings (.pdf). Those responsible for the attack have not been publicly identified or claimed responsibility for the attack. Aoki’s statement does not indicate whether they received an extortion demand or not.