Casio has suffered a major data breach, with bad actors making off with customer data from Japan and 148 additional countries.

According to an apology letter the company posted online, hackers breached the “development environment for ‘ClassPad.net,’ a web application managed and operated by Casio.” The issue stemmed from network security settings being disabled due to “operational error.”

The company listed the personal information that was accessed:

(1) customer name; (2) customer email address; (3) country/region of residence; (4) purchasing information (order details, payment method, license code, etc.); (5) service usage information (log data, nicknames, etc.)

All told, data from customers in 149 countries was accessed:

Customers in Japan

91,921 items belonging to customers, including individuals and 1,108 educational institution customers

Customers outside Japan

35,049 items belonging to customers from 148 countries and regions

Casio says it will contact impacted customers and apologized for the issue

Casio will strengthen technical safety management by implementing security enhancement measures for network routes and databases. In terms of operational management, Casio will implement thorough safety management measures, including reviewing security operational rules and continuing employee training on security measures.

Once again, Casio deeply apologizes for the great inconvenience and concern this incident causes our customers and everyone involved.