Cybercriminals are intensifying attacks on Japan’s midsized brokerages, exploiting vulnerabilities in online trading platforms as the country’s largest securities firms implement robust safeguards.

Okasan Securities and Iwai Cosmo Securities confirmed they were hit by fraudulent trading schemes, with Iwai Cosmo reporting unauthorized access to client accounts leading to illicit trades in Japanese equities, according to Bloomberg.

Okasan Securities declined to provide specifics on the breach.

The surge in account takeovers has alarmed the financial sector, with Japan’s Financial Services Agency reporting a more than tenfold increase in fraudulent trading incidents in April compared to March.

From January to April, illicit trades linked to hacked accounts amounted to ¥304.9 billion ($2.1 billion) across 3,505 transactions, highlighting the escalating threat.

Japan’s top 10 brokerages, initially targeted by hackers, have responded with enhanced security measures.

Rakuten Securities, for instance, reported no unauthorized logins since May 2 after upgrading its trading tools and strengthening security protocols, a company spokesperson said.

To counter the growing risk, the industry is rapidly adopting multi-factor authentication l.

As of May 14, 74 brokerages had implemented mandatory MFA, according to the Japan Securities Dealers Association, signaling a broader