Japan’s Line Messenger Embattled; 440,000 at Risk for Exposure
Table of Contents
- By Steven
- Dec 04, 2023
Line Messenger is a communication app that allows users to communicate for free by sending messages and making voice calls. Japan’s mega-corporation, LY Corp., owns them; LY offers a variety of lifestyle solutions, including shopping, business, gaming, and financial tech apps. LY purportedly discovered a breach at the beginning of October—although investigations are ongoing, the event may have exposed thousands. The breach likely impacted many Japanese residents, but Line users living state-side are also at risk.
How Did the Attack Occur?
The incident concerned LY in Japan and NAVER Cloud Corporation in Korea; the two corporations shared an in-house network for employee and personnel data, which additionally connected to some user information. A malware-infected computer owned by a subcontractor working for NAVER accessed the shared database; this exposed companies and associated systems to alleged cyber risks. The notice of incident published by LY states, “There was a high possibility of unauthorized access.” The extent of the attack remains under investigation. Subsequently, those with associated accounts should take steps to protect themselves.
What Information Was Viewed or Stolen?
The data stolen in this event differs between impacted parties. According to the notice, the unauthorized party may have stolen user data, but there are limited specifics. The notice states that the exposed details do not include information regarding bank accounts or credit cards. Instead, the exposures may involve internal Line app identifiers and some interactions between specific users. Further, business partners had information stolen, including personal data and email addresses. Despite the limited details regarding the data, Americans with Line accounts must act to protect themselves from data misuse.
How Did Line Messenger Admit to the Breach?
On or around October 9th, 2023, unauthorized access to LY’s servers occurred through an affiliate’s infected computer. More than a week later, around October 17th, officials noticed suspicious activity within their network and opened an investigation. The initial investigation concluded ten days later, confirming unauthorized access and prompting defensive continuity plans. A month later, on or around November 27th, LY began notifying interested parties, users, employees, and other personnel.
What Will Become of the Stolen Information?
The consequences of this breach are uncertain—mainly because the malware presumably was not targeting LY or Line directly. As a result, experts cannot predict what may happen with the stolen data. However, based on the stolen data, the assailants could misuse it for various fraudulent crimes, including impersonation and phishing plots. Consequently, Americans with Line accounts or LY associations must prioritize identity monitoring options, including suspicious account activity alerts.
What Should Affected Parties Do in the Aftermath of the Breach?
Potentially, 440,000 users, employees, and associates will face consequences from this breach. Outside of defensive identity solutions, those with exposed data should be cautious of disclosing additional information to bad actors. Ensure that all communications are from the proper source before responding to requests; enable multi-factor authentications across all associated accounts; and engage with professionals if you find or experience suspicious activity.