Financial and Business News

IG Japan Confirms Potential Data Exposure of 163K Clients, but No ‘External Leak’

Monday, 27/04/2026 | 09:44 GMT by Tareq Sikder
  • The company reports external server stored 29,734 customer records.
  • Firm fixes internal access issue and removes external data following discovery this year.
IG

IG Securities, also known as IG Japan, issued an apology today (Monday) after identifying improper handling of customer “specific personal information,” including My Number identification data.

Singapore Summit: Meet the largest APAC brokers you know (and those you still don't!).

The company said two issues were identified. First, some employees within IG Group had unauthorized internal access to customer data through an internal system. The information included names, dates of birth, addresses, contact details, and My Number data. The start date of this access issue is not known.

Second, customer data was stored on an external server managed by IG Markets Limited without prior approval from IG Securities. This occurred around late January 2026. The company stated that the cloud provider itself could not access the stored data.

Contractor Oversight Failure Behind IG Japan Data Incident

In total, 162,879 customers were potentially affected by internal access, meaning their data could be viewed within the group. A separate 29,734 customers had their data stored on the external server.

IG Securities said there is no evidence of any external access or data leak outside the group.

The company attributed the incident to failures in oversight of its contractor, IG Markets Limited. It cited a “misunderstanding” of the sensitivity of My Number data, insufficient access controls, and a configuration error during system development.

External Records Deleted, Sensitive Data Moved Locally

The internal access issue was resolved on February 24, 2026. External server data was deleted on March 5, 2026. By March 27, 2026, all My Number-related data had been transferred to systems located in Japan.

As part of its response, IG Securities said it will restrict data access to necessary personnel, store sensitive data domestically, strengthen contractor supervision, and remove My Number data from shared internal systems.

The company described the incident as a failure in data governance and control, adding that customer data was exposed internally due to inadequate safeguards.

Finance Magnates has reached out to IG for comment on its disclosure. As of writing, no response has been provided.

IG Securities, also known as IG Japan, issued an apology today (Monday) after identifying improper handling of customer “specific personal information,” including My Number identification data.

Singapore Summit: Meet the largest APAC brokers you know (and those you still don't!).

The company said two issues were identified. First, some employees within IG Group had unauthorized internal access to customer data through an internal system. The information included names, dates of birth, addresses, contact details, and My Number data. The start date of this access issue is not known.

Second, customer data was stored on an external server managed by IG Markets Limited without prior approval from IG Securities. This occurred around late January 2026. The company stated that the cloud provider itself could not access the stored data.

Contractor Oversight Failure Behind IG Japan Data Incident

In total, 162,879 customers were potentially affected by internal access, meaning their data could be viewed within the group. A separate 29,734 customers had their data stored on the external server.

IG Securities said there is no evidence of any external access or data leak outside the group.

The company attributed the incident to failures in oversight of its contractor, IG Markets Limited. It cited a “misunderstanding” of the sensitivity of My Number data, insufficient access controls, and a configuration error during system development.

External Records Deleted, Sensitive Data Moved Locally

The internal access issue was resolved on February 24, 2026. External server data was deleted on March 5, 2026. By March 27, 2026, all My Number-related data had been transferred to systems located in Japan.

As part of its response, IG Securities said it will restrict data access to necessary personnel, store sensitive data domestically, strengthen contractor supervision, and remove My Number data from shared internal systems.

The company described the incident as a failure in data governance and control, adding that customer data was exposed internally due to inadequate safeguards.

Finance Magnates has reached out to IG for comment on its disclosure. As of writing, no response has been provided.

Topics
retail
retail brokers
retail forex
retail FX
IG Group
Japan
About the Author: Tareq Sikder
Tareq Sikder
  • 2267 Articles
  • 41 Followers
Tareq is a financial writer with 15 years of experience covering global markets. His work spans technical analysis, forex broker reviews, and market sentiment, with a focus on topics relevant to retail traders. He joined Finance Magnates in 2023. At Finance Magnates, he serves as News Editor, covering retail forex and CFD brokers, cryptocurrency exchanges, fintech firms, and regulatory developments shaping the trading industry. He holds an Honours degree in Information Technology from Anfell College, London. Education: Honours degree Information Technology, Anfell College, London

More from the Author

Retail FX

OneRoyal Winner Spotlight 🏆 | Most Innovative Broker (MENA) 2025 #Trading #MENA #Innovation #Shorts

OneRoyal Winner Spotlight 🏆 | Most Innovative Broker (MENA) 2025 #Trading #MENA #Innovation #Shorts

OneRoyal takes the spotlight as Most Innovative Broker 2025 (MENA). Dominic Poynter describes the night as high-quality and professional; a reflection of years of dedication. With 20 years in the market, the focus now is on continued growth across MENA and the GCC. 👉 Be part of FM Awards 2026: https://awards.financemagnates.com?utm_source=SM&utm_medium=sm_post&utm_campaign=testimonials

OneRoyal takes the spotlight as Most Innovative Broker 2025 (MENA). Dominic Poynter describes the night as high-quality and professional; a reflection of years of dedication. With 20 years in the market, the focus now is on continued growth across MENA and the GCC. 👉 Be part of FM Awards 2026: https://awards.financemagnates.com?utm_source=SM&utm_medium=sm_post&utm_campaign=testimonials
More Videos

  • FM Daily Brief - 24 April 2026

    FM Daily Brief - 24 April 2026

    It's Friday, the twenty-fourth of April 2026. You're listening to the Finance Magnates Daily Brief. Today's lead: Finance Magnates can exclusively report on ACCM's all-time Q1 volume record. Also ahead: the FCA's first coordinated crypto raids in the UK, and a major US day trading rule change. Listen to the full episode...

    It's Friday, the twenty-fourth of April 2026. You're listening to the Finance Magnates Daily Brief. Today's lead: Finance Magnates can exclusively report on ACCM's all-time Q1 volume record. Also ahead: the FCA's first coordinated crypto raids in the UK, and a major US day trading rule change. Listen to the full episode...

  • FM Daily Brief: 23 April 2026

    FM Daily Brief: 23 April 2026

    It's Wednesday, the twenty-third of April 2026. You're listening to the Finance Magnates Daily Brief. Broker results first today: NAGA posts its first profitable quarter, and Hantec's Q1 volume hits one-point-two trillion. Also ahead: prop firm payout data and a three-hundred-million-dollar exchange deal. Sponsored by FM Academy

    It's Wednesday, the twenty-third of April 2026. You're listening to the Finance Magnates Daily Brief. Broker results first today: NAGA posts its first profitable quarter, and Hantec's Q1 volume hits one-point-two trillion. Also ahead: prop firm payout data and a three-hundred-million-dollar exchange deal. Sponsored by FM Academy

  • FM Daily Brief: 21 April 2026

    FM Daily Brief: 21 April 2026

    It's Tuesday, the twenty-first of April, twenty twenty-six. You're listening to the Finance Magnates Daily Brief. Today's lead: the Bank for International Settlements has put dollar stablecoins on the regulatory hot seat. Also ahead: first quarter earnings from Capital.com and Plus500, Revolut pushes its IPO to twenty twenty-eight, and a look at where Singapore hedge funds are really moving.

    It's Tuesday, the twenty-first of April, twenty twenty-six. You're listening to the Finance Magnates Daily Brief. Today's lead: the Bank for International Settlements has put dollar stablecoins on the regulatory hot seat. Also ahead: first quarter earnings from Capital.com and Plus500, Revolut pushes its IPO to twenty twenty-eight, and a look at where Singapore hedge funds are really moving.

  • FundedNext Review 2026: Prop Firm Rules, Payouts & Challenge Models

    FundedNext Review 2026: Prop Firm Rules, Payouts & Challenge Models

    In this video, we review @FundedNext a proprietary trading firm offering evaluation challenges for CFD and futures traders using simulated accounts. We cover how the model works, including challenge types, profit targets, loss limits, and performance-based rewards. You’ll also learn about payout structures, supported platforms, and key features such as the firm’s 24-hour payout policy and flexible challenge formats. Watch the full video to see if FundedNext fits your trading approach. #FundedNext #PropFirm #PropTrading #FinanceMagnates #Trading #CFDTrading #FuturesTrading #TradingReview

    In this video, we review @FundedNext a proprietary trading firm offering evaluation challenges for CFD and futures traders using simulated accounts. We cover how the model works, including challenge types, profit targets, loss limits, and performance-based rewards. You’ll also learn about payout structures, supported platforms, and key features such as the firm’s 24-hour payout policy and flexible challenge formats. Watch the full video to see if FundedNext fits your trading approach. #FundedNext #PropFirm #PropTrading #FinanceMagnates #Trading #CFDTrading #FuturesTrading #TradingReview