April 17, 2024 at 01:52AM
The Japanese government has ordered Yahoo! to implement better security measures after LINE, the messaging app it owns, was breached, allowing Chinese entities to read users’ messages and leak customer data. This follows the acquisition of LINE from NAVER, and a subsequent failure to separate the two tech stacks. The government found Yahoo!’s security improvement plan inadequate.
Based on the meeting notes, the key takeaways are:
1. The Japanese government has assessed Yahoo’s proposed security improvements, found them inadequate, and issued an order for the company to implement new measures.
2. The Ministry of Internal Affairs and Communications is concerned about Yahoo’s ownership of the LINE messaging app and its implications for user privacy and data security.
3. LY Corporation, the entity that operates LINE and is owned by Yahoo, is facing scrutiny due to security and privacy concerns stemming from its tech stack integration with NAVER.
4. The ministry has mandated Yahoo Japan to disentangle the tech stacks, improve infosec practices, and regularly inform users of security progress.
5. The government is unsatisfied with the proposed changes and has ordered Yahoo Japan to expedite its review of infosec management and governance, and to promptly inform users of security improvements.
6. The ministry’s guidance reflects a sense of urgency to accelerate security countermeasures and enhance the establishment of a security governance system across the group.
7. LY Corp’s previous statement indicated apologies, commitments to improvement, and assurances of workforce dedication, but there’s no evidence of an update at the time of writing.
These are the summarized key points from the meeting notes.