For customers of LINE Official Account who haven't migrated to the new platform.For customers managing LINE Official Accounts.Please also refer to the following information.For users who are following accounts or official accounts, please check whether the account profile images are genuine by blocking the accounts, then unblocking. Please make sure to check your profile image on the LINE app. A correct profile image might be displayed on account managers of and LINE Official Account, but the image might be falsely replaced on the LINE app.Customers of and LINE Official Account please see the instructions below.If you have enabled "Share profile media updates" under the Profile setting, a notice is posted to your Timeline every time you change your profile image.If you have already corrected your profile image, please check your Timeline history for signs of involuntary tampering to your profile image.Ģ.1.2 For customers of and LINE Official Account.Please follow the steps below to check whether your account has been affected by the vulnerability.In this case, please kindly use the inquiry form below to notify LINE. If a tampered profile image has not been changed to a default photo, the account was likely overlooked during LINE's bug investigation. However, as checking the profile images of all LINE accounts will require a significant amount of time, we would kindly like to ask LINE users to voluntarily check their own profile image for signs of possible tampering.
Image line support number update#
In case any additional damage is identified that requires handling by LINE, we will update this report with the details and individually notify the affected users. We have started a retroactive impact assessment after discovering that the bug was present since May 17, 2019. For personal-use LINE accounts that we determined to have been affected, we have changed the profile photo to a default one and are individually contacting these users.
We have been individually contacting a number of affected users, including LINE Official Account (premium account) customers. With the information provided by the reporter and through our own investigations, we determined that the vulnerability has at the very least been used between August 30–31, 2019 to tamper with the profile photos of users' LINE accounts. We received a report regarding this vulnerability through our LINE Security Bug Bounty Program. The vulnerability has been fixed as of 6:02 pm (GMT+9), August 31, 2019. It has only affected the photo upload function, and we have found no instance of passwords or personal information being compromised.
This vulnerability affected personal-use LINE accounts, as well as accounts, and LINE Official Accounts. On August 31, 2019, a security bug (vulnerability) affecting the upload function for profile photos was reported via our Bug Bounty Program and promptly fixed.Ī flaw in access restrictions was found in the photo upload API used for changing LINE profile photos, making it possible for a third party to change the profile photos of other LINE accounts at will.