Brave group leaks personal information of approximately 10,000 people. and other VTuber application information can be viewed by outside parties.

News

(Brave group), a VTuber business, announced a possible leak of personal information on June 25, 2024. Those whose personal information may have been leaked are those who applied for the auditions " Buisupop!


The leaked personal information is 10,653 at this time.

Brave group

JP auditions" run by Brave group company Virtual Entertainment, Inc. and "HareVare VLiver auditions" run by ENILIS, Inc. VLiver Audition" operated by ENILIS, another group company, and 2,610 applicants from "Brave group general audition" directly operated by ENILIS, for a total of 10,653 applicants.

The information presented here is the information known at this time, and personal information may have been leaked at past auditions as well. The number of subjects whose personal information was leaked from Brave group may vary depending on future investigations.


Causes of the Brave group personal information leak

ぶいすぽっ!

Brave group and its group companies are VTuber agencies, and they used Google Forms (hereinafter referred to as "Google Forms") for their VTuber audition application forms. Google Forms is the official name, but the company has referred to it as "Google Form" and "Google form" in its announcement.

The reason for this is that the URL for editing Google Forms can be viewed by respondents (in this case, the application information of audition applicants), and the "URL for editing" was in a state where it could be viewed by external parties.

According to the company's announcement, the editorial URL is not publicly available, so the editorial URL was leaked in some way. However, even if the URL was leaked, personal information would not have been leaked if it had been made unavailable for viewing.

Those who noticed the leak of personal information at 11:23 a.m. on June 18 and 16:28 p.m. on June 25 DM'd the official X (formerly Twitter), but apparently did not notice the DM, and the leak was discovered when the person who made the inquiry posted it on X and it became a topic of conversation.


Leaked personal information

The leaked information includes the name, prefecture of residence, phone number, date of birth, SNS used, and motivation for applying for the audition of the applicant VTuber. For those who mistakenly entered their address in the "prefecture of residence" field, their address was also leaked.

Since many applicants probably entered their real names, the VTuber activity name, real name, and date of birth would be revealed from the SNS information. Unlike a general leak of personal information of a company, the fact that the real name and date of birth of a VTuber, who, as the name suggests, is a virtual talent and has many enthusiastic fans, would be known could have an impact on future activities.


Companies investing in Brave group

PR TIMES

If you are not familiar with Brave group or VTubers, you may not know what kind of company they are, but Brave group is funded by many well-known companies. The following are the main companies that have invested in Brave group.

  • Osaka Gas Co.
  • Akatsuki Ventures Inc.
  • Saison Ventures Inc.
  • Animoca Brands Inc.
  • gumi ventures Inc.
  • Third Wave Inc.
  • Sumisho Venture Partners Corporation
  • Yostar Corporation
  • REALITY Corporation
  • septeni holdings co.
  • Shochiku Ventures Co.
  • The Shizuoka Bank, Ltd.
  • Mitsui Fudosan Co.
  • TV Asahi Holdings, Inc.
  • Simplex Capital Investment Co.
  • Tokyo University of Science Innovation Capital Co.
  • Money Forward Venture Partners Co.
  • Revamp Corporation
  • Adways Ventures Inc.

*In no particular order, some information is extracted at the time of the funding announcement.



Brave group's Privacy Policy and Information Security Policy


Brave Group has an "Information Security Policy " on its official website. The following is a complete summary of the company's efforts.


  • Responsible handling of confidential customer information

  • All persons who handle confidential information recognize the importance of protecting information assets from risks such as leakage, damage, and loss.

  • Proactive practices to maintain information security, confidentiality, integrity, and availability

The policy also states,"We have established an information security system with dedicated and experienced data security officers." The policy also states that the company has "established an information security system with dedicated and experienced data security officers," and that security measures, regular education and training, and periodic inspections and audits are conducted.


If these measures had been taken, it is unlikely that an incident like this would have occurred, but as the company says in its announcement, "There is a strong possibility of intentional leaks or unauthorized access." Let's wait for further news.