Line operator says 440000 personal records leaked in data breach

Line operator says 440,000 personal records leaked in data breach
KYODO NEWS KYODO NEWS - Nov 27, 2023 - 20:48 | All, Japan


Tech giant LY Corp. reported a massive data breach on Monday, saying as many as 440,000 items of personal data, including more than 300,000 linked to Line messaging app users, were leaked due to unauthorized access to an affiliate's computer system in October.

The leaked data did not contain information regarding bank accounts, credit cards or chat messages in the Line app, a popular social communications tool in Japan. There have been no reports of misuse so far, the company said.

It said the leaked data included users' age group, gender, and some of their service use histories, as well as information regarding the company's business partners and employees, such as email addresses, names and affiliations.

While the company confirmed the data leak on Oct. 29, it said it took about a month to make the announcement as it required time to confirm the scale of the breach.

"We sincerely apologize to our users and all relevant parties for any inconvenience or concern caused. We deeply regret this incident and will do our best to prevent any reoccurrence," the company said in a statement.

It has reported the case to the communications ministry.

LY was formed in October through the merger of Z Holdings Corp. and its group companies Line Corp. and Yahoo Japan Corp., a news portal site operator.

The leakage was caused when malware infected a computer owned by an employee of a subcontractor used by the company's South Korea-based affiliate, Naver Cloud Corp., it said.

Naver Cloud and LY share an in-house system for dealing with employee and other personnel information managed with a common authentication system, which allowed unauthorized access into LY's internal system, the company said.

The company initiated an investigation after detecting suspicious access on Oct. 17, concluding by Oct. 27 that it was highly likely an external breach. The initial unauthorized access occurred on Oct. 9.

It said it is contacting users, business partners and customers individually who it believes are at risk of being directly impacted by the leakage.

As of the end of September, some 96 million people were using the messaging app in Japan, with another 100 million users outside the country, according to the company.