Micard Co., Ltd

Micard Co., Ltd, also known as Mcard Co., Ltd. and MI Card Co., Ltd., is headquartered in Japan. The organisation operates an online store platform and a member‑facing homepage. Through these portals it collects and stores customer information such as names, addresses, phone numbers, email addresses and dates of birth. The member portal also maintains loyalty‑program data, including anticipated billing amounts and current loyalty points for each member. Micard Co., Ltd. has an affiliate whose online store is integrated with the company’s services. Both the company’s own homepage and the affiliate’s online store are customer‑facing systems that were accessed in the 2020 incident.

On 5 August 2020, unauthorized access to these dual portals resulted in a data breach affecting approximately 19,000 customers. The breach exposed personal data from the online store, namely names, addresses, phone numbers, email addresses and dates of birth. From the homepage intrusion, attackers accessed member names, anticipated billing amounts and current loyalty points. The incident was attributed to unauthorized system access that impacted both the company’s homepage and its affiliate’s online store. Details of the breach were disclosed in a public notice reported by databreaches.net. No further information about the organisation’s size, market scope or ownership structure is provided in the available sources.