Seven & i Holdings Co. announced Tuesday that it has reset the passwords for users' common IDs, dubbed 7iD, needed to access online members-only services.
The move is part of a package of security measures implemented in response to fraudulent use of its 7pay payment service.
Users will not be able to use the firm's online services until they register new passwords, a requirement that applies to its enormous user base of about 16.5 million people.
In addition to 7pay, a 7iD is required to use online sales sites run by group companies such as Ito-Yokado Co. and Sogo & Seibu Co.
Users will be notified of the password deactivation by e-mail, and creation of a new password will be required to resume access to the online services.
Previously, passwords had to have at least eight characters, but to improve security, new passwords must consist of a combination of at least nine characters, including both upper and lower case letters, and a number.
Regarding the fraudulent use of its 7pay payment service, Seven & i believes it was likely the victim of an attack in which a previously leaked list of members' IDs and passwords was fraudulently used.
By requiring users to change their passwords, the company hopes to reduce the risk of future fraudulent use of omni7 and other sales websites run by group companies.
Use of 7pay has essentially been suspended since July 4, during which new members have not been allowed to sign up.
Seven & i also revealed that as of Monday, there had been 807 victims of unauthorized use, with damages totaling about 38.6 million yen.
Read more from The Japan News at https://japannews.yomiuri.co.jp/
