In a worrisome turn of events, messaging app giant Line Yahoo Corporation has revised the scope of its previously reported data breach. A deeper investigation uncovered additional compromises, significantly boosting the number of potentially leaked data points. This incident underscores the far-reaching consequences of a single infection and the challenges of securing interconnected systems.
LINE’s comprehensive investigation into the cyber-attack, initiated via a subsidiary’s compromised system, has revealed the extent of the data breach. Initially, the breach was attributed to malware infecting an employee’s computer at NAVER Cloud, leading to unauthorized access to LINE’s internal systems. The breach, initially reported to have commenced on October 9, was later revised to September 14, 2023, amplifying the severity of the incident.
The breach has resulted in the potential leakage of approximately 440,000 pieces of personal information, including data related to users, business partners, and employees. Subsequent investigations unveiled additional data leaks, bringing the total count to 300,980 user-related, 86,211 business partner-related, and 133,315 employee-related personal data potentially compromised.
“In the service systems used by our company for internal communications, such as email and Slack, we have confirmed additional leakages of user information (42 records), business partner information (106 records), and employees and other personnel information (78,962 records) (including estimates),” the company wrote in an announcement.
The ramifications of the breach extend beyond mere data exposure, raising concerns about privacy infringement and trust erosion among users, partners, and employees. In response to these findings, LINE has embarked on a series of remedial measures, including revising the affected scope, enhancing cybersecurity protocols, and bolstering data protection mechanisms to prevent future breaches.
The LINE data breach serves as a stark reminder of the ever-present threat landscape and the imperative for organizations to remain vigilant and proactive in safeguarding sensitive information.
Source: Original Post