Photo/Illutration LY Corp. President Takeshi Idezawa, right, receives an administrative guidance document on data leaks at the communications ministry on March 5. (Naoko Murai)

The communications ministry instructed the operator of the Line messaging app to consider reviewing its capital relationship with South Korea’s Naver Corp. over a massive leak of personal information through cyberattacks.

“We understand that more efforts are necessary to ensure security,” Takeshi Idezawa, president of service provider LY Corp., told reporters on March 5. “We want to take an immediate response based on the ministry’s guidance.”

The Ministry of Internal Affairs and Communications issued the administrative guidance after LY said about 500,000 pieces of personal information, including those of Line users, were leaked due to cyberattacks.

LY was established in October through the merger of Line Corp. and Yahoo Japan Corp.

The ministry concluded that the company’s strong dependence on the South Korean information giant Naver, a major shareholder of LY, contributed to the information leakages.

It said a “considerable dominant relationship in organization and capital” with Naver made it difficult for Line to keep personal information safe and secure.

The ministry called on LY to consider reviewing its management structure, including its capital relationship, to enhance effectiveness of data security measures and prevent a recurrence.

LY is expected to be forced to reconsider the responses it has begun to take after the leaks.

“We did not expect such a harsh administrative guidance,” said a source close to the company. “We have to start from scratch in taking countermeasures.”

LY announced in November that about 440,000 pieces of personal information were leaked through a cyberattack on a subcontractor of a Naver subsidiary.

Line shared part of its systems infrastructure with the Naver subsidiary, which allowed the subcontractor to access Line’s systems.

The leaked information contained more than 20,000 pieces of data that fall under the “secrecy of communication” as defined by the Telecommunications Business Law, such as times and dates of communications and “identifiers” about message contents.

In February, LY announced a leak of an additional 50,000 pieces of personal information, including those of Line employees, through a separate cyberattack.

The communications ministry concluded that Naver’s subsidiary being granted extensive access to Line’s in-house systems was a factor in allowing illegal access.

It called on LY to limit access to its systems to a bare minimum, completely separate access authorization systems between LY and Naver and review its supervisory framework for contractors.

Idezawa was accompanied by Junichi Miyakawa, president of Softbank Corp., another major shareholder of LY, when he was summoned by the communications ministry on March 5.

The ministry asked Miyakawa to cooperate with LY in reviewing its corporate governance structure.

Line was originally established as a Japanese subsidiary of Naver. Its popular free messaging app has about 100 million users. 

A Holdings Corp., an intermediate holding company equally owned by Naver and Softbank, owned 64.5 percent of LY shares as of October. 

The remaining 35.5 percent was owned by general shareholders. 

 

Related News