HomeRisk ManagementsJapan: Cleaning Up Post-Merger Tech Sprawl Following Line Breach

Japan: Cleaning Up Post-Merger Tech Sprawl Following Line Breach

Published on

spot_img

The recent revelation of a data breach at the popular messaging app Line has prompted the Japanese government to take action against the company’s parent organization, Naver. The government’s analysis has led to a directive calling for the separation of Line’s technology from Naver in order to address the security vulnerabilities that led to the breach.

Line’s journey to becoming a dominant messaging app in Asian markets, surpassing even WhatsApp in countries like Japan and Thailand, was marked by a series of mergers and acquisitions. The merger with Yahoo Japan in 2021, owned by SoftBank, further complicated Line’s business structure, with ownership divided between Japanese and South Korean tech giants. This convoluted ownership structure created a sprawling attack surface, with gaps in security that were exploited in the November 2023 data compromise affecting over 510,000 Line users.

The Japanese Ministry of Internal Affairs and Communications issued administrative guidance on Mar. 5, instructing Line and its parent companies to disentangle their technology and strengthen cybersecurity practices. The analysis by the ministry highlighted concerns about the reliance on Naver’s technology within the merged organization, known as LY Corp. Critics pointed to shared Active Directory between Naver and Line, as well as extensive access to Line’s network from Naver’s cloud services.

In response to the government’s directive, LY Corp. has committed to cooperating with the review of its cybersecurity practices and providing regular updates on progress. The Ministry emphasized the importance of proper management and supervision of outsourced parties to ensure security protocols are effectively implemented.

The regulators are calling for a comprehensive review of Naver and Line’s cybersecurity measures, with a focus on identifying and addressing weaknesses in their systems. The quarterly updates requested by the government will monitor the implementation of security improvements and track the progress of ongoing efforts to enhance data protection.

The collaborative approach between LY Corp. and the Japanese government signals a commitment to addressing the underlying issues that led to the data breach. By acknowledging the need for stronger cybersecurity measures and actively engaging with regulators, Line and its parent companies are taking steps to safeguard user data and mitigate future security risks.

Source link

Latest articles

Live Webinar: Smarter Cyber Defense for Government and Higher Education

Dr. Tina Carkhuff: A Leader in Data-Driven Public Service Industry Advisor,...

RedLine Infostealer Thread Uncovers Covert Maritime Phishing and BEC Infrastructure

Investigation Reveals Targeted Spear-Phishing and BEC Campaign in Maritime Sector A routine alert from a...

Insurance Giant Aflac Reports Data Breach Affecting Millions

Aflac Faces Major Data Breach Affecting Millions of Customers In a significant disclosure to the...

Simplify, Secure, Scale – A Business Leader’s Guide to Network Modernization with Google Cloud Webinar

Hybrid Network Infrastructure: Challenges and Solutions in the Era of Cloud and AI In an...

More like this

Live Webinar: Smarter Cyber Defense for Government and Higher Education

Dr. Tina Carkhuff: A Leader in Data-Driven Public Service Industry Advisor,...

RedLine Infostealer Thread Uncovers Covert Maritime Phishing and BEC Infrastructure

Investigation Reveals Targeted Spear-Phishing and BEC Campaign in Maritime Sector A routine alert from a...

Insurance Giant Aflac Reports Data Breach Affecting Millions

Aflac Faces Major Data Breach Affecting Millions of Customers In a significant disclosure to the...