Source: dolphyn via Alamy Stock Photo
Analysis by the Japanese government of a recent data breach at the widely popular Asian messaging application Line has resulted in a directive for the organization to break up its technology from parent company Naver.
A series of megamergers in recent years resulted in Line becoming more popular than WhatsApp in countries like Japan and Thailand, under the control of South Korean tech giant Naver. Then making matters worse, in 2021, Line merged with Yahoo Japan, which is owned by SoftBank, leaving Line's business divided between the Japanese SoftBank and South Korean Naver. It all left behind a rambling combined technology footprint that provided a gappy, sprawling attack surface which ultimately led to the November 2023 data compromise of more than 510,000 Line users, according to new administrative guidance issued by the Japanese Ministry of Internal Affairs and Communications on Mar. 5.
Somewhere along the megamerger way, Naver and SoftBank decided to join up to try to create an Asian technology juggernaut, called LY Corp, to rival Google and Amazon, according to Nikkei Asia. The problem, according to the analysis by the Japanese ministry, is that the merged organization, which includes Line as well as other services, has relied too heavily on Naver's technology. Among criticisms of Naver and Line's cybersecurity practices is the presence of a shared Active Directory between them, as well as the Naver cloud's "extensive access" to Line's network, the Register reported.
"It is necessary to make appropriate considerations for reviewing the management of your company, including your parent company, in order to make the management and supervision of outsourced parties function properly," the Ministry said in its final report to LY Corp.
The government regulators are calling for a review of both Naver and Line's cyber practices, as well as regular quarterly updates on their progress.
LY Corp. has agreed to cooperate with the Japanese government's requests, it said.