TL;DR
Kyushu Electric Power Transmission and Distribution Co., Inc. lost an external backup drive containing customer data tied to up to 10.9 million accounts. The incident highlights how removable media security, device encryption, physical access controls, and backup governance are critical for preventing data exposure outside traditional cyberattacks.
Kyushu Electric Power Transmission and Distribution Co., Inc. has disclosed a major data security incident after an external backup drive containing customer information tied to up to 10.9 million accounts went missing. While there is currently no evidence of misuse, the incident highlights how physical storage devices can create significant security risks when proper governance controls are absent.
Japanese Energy Firm Loses Drive with Data of 10.9 Million Clients
The Kyushu Electric Power Transmission and Distribution Co., Inc. data loss incident stems from a backup operation performed on April 27, 2026. According to reports, the organization used an external storage device because the server lacked sufficient storage capacity. After completing the backup, staff stored the drive in a cabinet inside a secured server room.
However, the cabinet was later found unlocked. On May 26, IT personnel discovered that the backup drive was missing.
Kyushu Electric Power Transmission and Distribution Co., Inc. stated that the lost device may contain information related to approximately 10.9 million customer accounts. The exposed data reportedly includes customer names, service addresses, electricity consumption data, telephone numbers, and details about retail electricity providers. The company clarified that it did not store bank account or credit card information on the drive.
The company reported the incident to Japan’s Personal Information Protection Commission and other relevant government authorities.
Why This Incident Matters
Unlike ransomware attacks or external breaches, this incident highlights risks associated with operational processes and physical media management. A missing backup drive can expose organizations to privacy concerns, regulatory scrutiny, and reputational damage even when no cyberattack has occurred.
The event raises several important questions:
- Was the backup data protected through strong device encryption?
- Were removable storage devices subject to strict approval workflows?
- Was there sufficient chain-of-custody documentation?
- Were physical access controls regularly audited?
- Could the organization track who accessed or handled the device?
When removable media contains large datasets, even a single missing device can become a major security event.
The Removable Media Security Challenge
Organizations often focus heavily on network and cloud security while overlooking physical storage devices. Yet removable media remains a common source of data exposure.
External drives are frequently used for backups, migrations, maintenance operations, and emergency recovery processes. Without proper governance, these devices can introduce risks such as:
- Unauthorized data access
- Data theft or loss
- Compliance violations
- Insider threats
- Lack of accountability for data handling
Strong removable media security policies should include encryption requirements, usage restrictions, access controls, inventory management, and audit logging.
Just as importantly, organizations should minimize the amount of sensitive information copied to portable storage whenever possible.
How Hexnode Helps Strengthen Endpoint Compliance and Removable Media Controls on Supported Platforms
Incidents like the Kyushu Electric Power Transmission and Distribution Co., Inc. data loss demonstrate why organizations need centralized control over endpoints and removable devices.
With Hexnode UEM, IT teams can configure removable media controls on supported Windows and macOS devices and create compliance policies for enrolled devices. Administrators can apply supported device restrictions, configure compliance criteria, and monitor whether enrolled endpoints meet organizational security requirements.
Hexnode also supports security initiatives such as:
- Enforcing device encryption requirements
- Restricting unauthorized removable media usage
- Monitoring endpoint compliance status
- Applying policy-based access controls
- Strengthening administrative endpoint security
For organizations seeking deeper visibility, Hexnode XDR can help correlate endpoint telemetry, enrich alerts with device health and policy context, map attack chains to MITRE ATT&CK, and support IOC hunting. This enables analysts to search historical process and endpoint event data for indicators of compromise and respond to confirmed threats with actions such as endpoint isolation, process termination, or file quarantine.
Conclusion
The Kyushu Electric Power Transmission and Distribution Co., Inc. incident serves as a reminder that data loss does not always originate from cybercriminals. Operational workarounds, unsecured storage devices, and gaps in physical security can expose millions of records just as effectively as a network breach.
Organizations should treat backup media with the same level of scrutiny as any other critical asset. Combining encrypted backups, strong removable media security controls, physical access discipline, and continuous endpoint compliance can significantly reduce the likelihood and impact of similar incidents.
FAQs
What data was exposed in the Kyushu Electric Power Transmission and Distribution Co., Inc. data loss incident?
The missing drive reportedly contained customer names, addresses, electricity usage data, phone numbers, and retail electricity provider details linked to up to 10.9 million accounts. No bank account or credit card data was stored on the device.
Why is device encryption important for removable media?
Device encryption helps protect data on removable storage devices. If a device is lost or stolen, encryption can prevent unauthorized access to the stored information.