Notice regarding unauthorized access to certain LINE accounts
2020.09.13
(Chinese follows English / Chinese version below)
1. Overview
We have detected multiple unauthorized login attempts from July to September 2020, whereby valid ID/PW combinations affecting approximately 74,000 LINE accounts were identified.
We are currently taking proactive measures to prevent this issue from spreading.
The details of our investigation and response to alert our users of this issue are summarized below.
2. Incident assessment
Currently we are not aware of any LINE accounts that have been compromised. We have ascertained from our preliminary investigation that the unauthorized user or users who had obtained valid ID/PW combinations had attempted to log into a separate LINE service in order to confirm the validity of the ID/PWs in question. Therefore, as per this announcement, we made the decision to notify affected users.
◼Breakdown of the affected users by country/region
Japan: 41,204 Taiwan: 28,021 Thailand: 139 Indonesia: 10 Others: 4,604
Total: 73,978
3. Current status
Review the scope of two-step verification
We are reviewing whether the LINE services that can be accessed using the affected ID/PW combinations require two-step verification, and are applying two-step verification for those that do not currently require it.
Two-step verification is an authentication method that requires you to input a verification code that is sent to your registered LINE account when you log into a service.
In addition to verification via password, two-step authentication prevents unauthorized logins even in cases when your password is known to a third party, by verifying your identity using your registered LINE account.
Reference image: Two-step verification when logging into LINE
We have applied two-step verification for the following services (as of November 10, 2020):
2020/2/23 | LINE TIMELINE | https://timeline.line.me |
2020/2/24 | LINE Social Plugins | https://social-plugins.line.me/lineit/share |
2020/8/26 | LINE Securities | https://line-sec.co.jp/ |
2020/9/14 | LINE Creators Market | https://creator.line.me/ |
2020/9/23 | LINE DEVELOPER DAY2020 | https://linedevday.linecorp.com/2020/ja |
2020/09/28 | LINE POINTS | https://points.line.me/ |
2020/09/30 | LINE Part Time Jobs | https://baito.line.me/ |
2020/10/7 | LINE STORE | https://store.line.me/ |
2020/10/19 | LINE Business ID | https://account.line.biz/login |
2020/10/19 | LINE for Business | https://oa-app-auth.line.biz/v1/welcome |
2020/10/19 | LINE Pay | https://pay.line.me/ |
2020/10/20 | LINE GIFTSHOP | https://giftshop-tw.line.me/ |
2020/10/21 | LINE Careers | https://career.line.me/ |
2020/10/22 | LINE Smart Invest | https://invest.line.me/ |
2020/10/28 | LINE Pockeo | https://pockeo.line.me |
2020/10/29 | lacore | https://lacore.line.me |
2020/11/04 | LINE TICKET | https://ticket.line.me |
2020/11/04 | LINE GAME Reservation | https://game-yoyaku.line.me |
2020/11/10 | LINE Fact Checker | https://fact-checker.line.me |
2020/11/10 | LINE TODAY | https://today.line.me |
* We plan to continue adding two-step verification to other services not currently on the list
* Depending on the service listed, the link may take you directly to the LINE login screen
Initialization of password reset for certain users
We have reset passwords for affected accounts whose users we were unable to confirm had updated their passwords between July and September 2020. Starting at 12:33 pm JST on September 12, 2020, we sent these users a message through the LINE Official Account (OA) requesting that they reset their passwords.
The OA message was distributed in the below order:
- The following message was sent through the LINE OA: “Password has been changed”
- This was followed by a second message: “An unauthorized login attempt was detected to your LINE account. There is a risk that your password may have been compromised, and as a precautionary measure your password has been automatically reset on September 12 at 10:00 (UTC +7).”
Reference image: Notification to affected users
If you used the same affected LINE password for other services, we recommend you change your password for those services.
LINE will contact you through the LINE OA when you log into your account.
Reference image: Login notification
When you log into a LINE service or desktop app, you will receive a login notification from the LINE OA that contains a verified account badge.
Please check the message, and if you did not log in yourself, immediately change your password.
※Instructions to change your password: https://help.line.me/line/?contentId=20000062
4. Correspondence in chronological order (all times are JST)
September 9, 2020: Detected login attempts for specific LINE services
September 12, 2020: After an internal investigation, we notified affected users regarding the password reset
5. Update history
September 12, 2020: Notification posted in Japanese
September 13, 2020: Notification posted in English and Chinese
November 26, 2020: The list of services that require two-step verification was updated
6. Inquiries regarding this matter
For inquiries regarding unauthorized access to individual LINE accounts, please contact us using the following form by selecting “Other” for Question #2:
https://contact-cc.line.me/detailId/10092
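Notice: unauthorized third parties attempted to log into LINE accounts
1. Overview of the incident
From July 2020 to September 2020, our systems detected that unauthorized third parties had attempted to log into approximately 74,000 LINE accounts using valid passwords. We are continuing to take the necessary emergency measures to block any possible damage.
This document describes our investigation of and response to this incident, and reminds users to stay alert.
2. Current status of the incident
At present, as far as we know, no affected LINE account has been taken over as a result.
In the incident detected by our systems, we surmise that the attackers obtained account passwords by some means and attempted to log into specific services provided by LINE in order to verify the validity of those account passwords. We therefore decided to notify users and publish this notice as a reminder to users.
[Number of users affected by this incident, by country]
Japan: 41,204 Taiwan: 28,021 Thailand: 139 Indonesia: 10 Other countries/regions: 4,604
Total: 73,978
3. Current response status
Reviewing the scope of two-step verification
We are reviewing the services that are logged into with a LINE account and do not yet use two-step verification, and are gradually deploying two-step verification to those services. Two-step verification is a verification method in which a verification code is displayed at login and the user is required to enter the correct verification code from their LINE account to verify that they are the account owner.
By using the user's own LINE account as an authentication mechanism in addition to the password the user has memorized, unauthorized logins can be prevented when the user's password becomes known to a third party.
Reference image: Two-step verification for LINE login
We have deployed two-step verification for the following services (as of November 26, 2020):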
2020/2/23 | LINE TIMELINE | https://timeline.line.me |
2020/2/24 | LINE Social Plugins | https://social-plugins.line.me/lineit/share |
2020/8/26 | LINE Securities | https://line-sec.co.jp/ |
2020/9/14 | LINE Creators Market | https://creator.line.me/ |
2020/9/23 | LINE DEVELOPER DAY2020 | https://linedevday.linecorp.com/2020/ja |
2020/09/28 | LINE POINTS | https://points.line.me/ |
2020/09/30 | LINE Part Time Jobs | https://baito.line.me/ |
2020/10/7 | LINE STORE | https://store.line.me/ |
2020/10/19 | LINE Business ID | https://account.line.biz/login |
2020/10/19 | LINE for Business | https://oa-app-auth.line.biz/v1/welcome |
2020/10/19 | LINE Pay | https://pay.line.me/ |
2020/10/20 | LINE GIFTSHOP | https://giftshop-tw.line.me/ |
2020/10/21 | LINE Careers | https://career.line.me/ |
2020/10/22 | LINE Smart Invest | https://invest.line.me/ |
2020/10/28 | LINE Pockeo | https://pockeo.line.me |
2020/10/29 | lacore | https://lacore.line.me |
2020/11/04 | LINE TICKET | https://ticket.line.me |
2020/11/04 | LINE GAME Reservation | https://game-yoyaku.line.me |
2020/11/10 | LINE Fact Checker | https://fact-checker.line.me |
2020/11/10 | LINE TODAY | https://today.line.me |
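As a precaution, we reminded affected users to change their passwords
We sent notifications to the owners of accounts that were subject to unauthorized third-party login attempts between July 2020 and September 2020, reminding them to change their passwords.
- At 14:00 Taiwan time on 2020-09-12, we notified affected users through the LINE system account and reminded them to change their passwords immediately. We apologize to the affected users who received this notification unexpectedly.
- For users who had still not changed their passwords by 15:00 Taiwan time on 2020-09-12, we took the necessary emergency measures. We first reset these users' passwords, then provided them, through the LINE system account, with steps to change their passwords themselves so that they can log into their accounts afterwards.
Reference image: Notification to affected users
If you use the same password on other online services, please consider changing it there as well.
Whenever anyone attempts to log into your LINE account, we will notify you at the same time through the LINE system account.
Reference image: Login notification
When you log into a LINE-related service or the desktop version of LINE, you will receive a login notification from the LINE system account. Please check carefully that it comes from a verified LINE official account with the green shield.
Please check the content of the message the system account sent you. If it was not you who logged in, change your password immediately.
*How to change your password: https://help.line.me/line/?contentId=20000062
4. Timeline of the incident
2020-09-12 14:00 After an internal investigation, we contacted affected users through the LINE system account and reminded them to change their passwords immediately
2020-09-12 15:00 We reset the passwords of users who had still not changed them, and provided them with steps to change their passwords themselves through the LINE system account
2020-09-13 Published
2020-11-26 Updated the services for which two-step verification has been deployed
6. If you still have concerns about this incident, please contact customer support
If you still have concerns about this incident, you are welcome to contact our customer support team. Please use your personal LINE account to access https://contact-cc.line.me/detailId/10092 and select “Other” for Question 2.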