LINE: Massive-Scale Hack! T-Mobile Taiwan users’ accounts were logged out; netizens reveal “turn off one feature” to prevent it

LINE, the most widely used messaging app in Taiwan, saw a large-scale account takeover incident erupt on the evening of the 31st. A large number of users reported that, without clicking any suspicious links, their accounts were forcibly logged out and they were unable to log back in. The incident quickly spread on the social platform Threads, and victims not only face the risk of their personal messages being leaked, but are also worried about the safety of funds in LINE Pay and LINE BANK, which are linked to their accounts.

LINE says there’s trouble! Accounts were “logged out,” and they can’t be logged back in

On the evening of the 31st, many LINE users in Taiwan posted on Threads one after another seeking help, saying their accounts were suddenly logged out despite there being nothing unusual. After trying to log in again, an error message appeared on the screen: “Cannot find authentication information for this account.”

In addition, the groups and communities they had originally joined were all forcibly removed as well. The status shown to other members was “No members.” Many users said their accounts contain company groups, customer data, and important messages, and the loss is difficult to estimate.

At the same time, many users are also worried about whether financial services linked to LINE accounts—such as LINE Pay and LINE BANK—will have any issues with the safety of funds. Netizens suggest that if LINE BANK or LINE Pay experiences abnormal transactions, users should immediately contact their respective customer service to freeze their accounts.

LINE’s official response says, “We are still looking into the situation, and we will reply later.”

Suspected cause: A vulnerability in telecom providers’ “voicemail function” becomes a loophole

Netizens analyzed that a significant proportion of the victims are users of Taiwan Mobile, and users of Chunghwa Telecom and Far EasTone have also reported the same situation one after another, indicating the cause may not necessarily come from a single telecom provider—and could also be an issue on LINE’s side.

Netizens speculate that the hackers may have exploited security vulnerabilities in telecom providers’ voicemail systems. If the voicemail’s default password has not been changed, an attacker could intercept the voice verification code sent when logging into LINE by forging incoming calls or exploiting system vulnerabilities, ultimately forcibly logging out the user and stealing the account without the user’s knowledge.

This kind of attack method is also called “voice OTP interception.” There have been overseas cases recorded in the past, and this incident can be described as the largest one in Taiwan so far.

How to prevent it? Victims who have not been affected should immediately take three steps

Netizens suggest that users whose accounts have not been logged out should complete the following protective measures as soon as possible:

Step 1: Turn off voicemail or change the default password immediately

Voicemail is the main loophole suspected to have been exploited in this attack, so it’s recommended to deal with it first:

Taiwan Mobile users: In the app’s settings, turn it off; or open the app’s “Customer Service Xiaomai,” search for voicemail, and follow the instructions to turn it off; you can also call customer service directly at 0800-086-888 to handle it

Chunghwa Telecom and Far EasTone users: On the phone dialing interface, enter ##002# and then dial out to turn off voicemail; you can also turn it off through the settings function in their respective apps

Step 2: Turn off LINE’s “Allow other devices to log in” feature

Go to LINE “Settings” → “Account” → “Allow other devices to log in” → turn it off. This can prevent the account from being synchronized and logged in on other devices.

Step 3: Strengthen the security of your LINE account

Bind an email address to ensure there is a backup login method

Enable two-factor authentication to add a second layer of protection for the account

For those already logged out: Immediately fill out LINE’s official appeal form

If your account has been logged out and you can’t restore it on your own, the only potentially effective route right now is to fill out LINE’s official appeal form at: contact.line.me. It’s recommended that users prepare account-related information (registration phone number, linked email address, devices used in the past, etc.) to facilitate the appeal review.

This large-scale LINE account takeover incident once again highlights the issue that Taiwanese users generally lack knowledge and awareness regarding security settings for telecom services and messaging apps. Netizens suggest that turning off the voicemail default password and enabling two-factor authentication are both the most basic and effective measures to protect digital account security.

This article: LINE suffers a large-scale account takeover—accounts of Taiwan Mobile users are logged out; netizens say “turn off one function” to prevent it. First appeared on 鏈新聞 ABMedia.