Japanese yearbook publishing companies targeted by cyberattacks
Learn More
Multiple Japanese yearbook publishing companies were hit significant cyberattacks in early 2025, exposing sensitive personal information of hundreds of thousands of children across the country.
The largest breach involved Saito Collotype Printing, a century-old company based in Sendai. The company reported on April 11, 2025, that it had suffered a ransomware attack affecting yearbooks from the 2023 academic year, with up to 173,000 records potentially compromised across 2,000 schools in approximately 20 prefectures.
The attack began in July 2024 when network anomalies were detected in the company's production factory network. The breach affected regions including Hokkaido, Tokyo, and Osaka.
The second major incident involved Ishikura Co., based in Saitama, north of Tokyo, which reported on March 4, 2025, that its servers had been compromised. The company reported that more than 72,000 entries containing children's photos and names from 13 prefectures were exposed. Some data became unusable due to the ransomware attack.
Exposed data types included:
- Children's names
- Children's photographs
- School information
- Yearbook content and associated personal details
The total number of affected individuals across both companies reaches approximately 245,000 children. The combination of children's names and photographs creates risks for deepfake image creation and social media impersonation.
