Notice of Bug in LINE Timeline System
2018.06.05
A bug that could cause the system to temporarily show another user's Timeline occurred in the web-based (browser) version of the LINE messaging app. This bug occurred under specific conditions, such as when there was a heavy traffic load.
An internal investigation determined that the possibility of this bug occurring was less than 0.01% (among users of the web-based (browser) version of Timeline). The bug was promptly fixed upon discovery and the service is now operating properly.
* This type of bug has not occurred on Timeline when accessed through the LINE app.
・ Cause: Incorrect settings on an external CDN service
・ Discovered: Around 10 pm on May 16, 2018 (GMT+9)
・ Resolved: 12:42 am on May 17, 2018 (GMT+9)
・ Confirmed affected period: May 14-17, 2018
* Since a change had been made to the system specifications on February 27, 2017, it is possible that a similar bug may have occurred on or after the date of change.
・ Users who may have been affected by this bug: Users who accessed the web-based (browser) version of Timeline
・ Incidents reported: None
This system bug was discovered, reported, and investigated as a result of the "LINE Security Bug Bounty Program." The program, opened up to the public by LINE Corporation on June 2, 2016, pays out rewards to reporters that notify LINE of service vulnerabilities found in the LINE app (limited to the latest version available for each OS at the time of the reported vulnerability) and certain related services.
LINE Corporation will continue to make sincere efforts to resolve each and every bug and vulnerability in its services.
The LINE Security Bug Bounty Program continues to accept reports of vulnerabilities from external parties.
Bug Report Form: https://bugbounty.linecorp.com/apply/