Here's the complete intel brief article.
title: "LY Corporation: 7.1 Million LINE Game Users Exposed via Ad Tracker Misconfiguration" date: 2026-07-14 slug: ly-corporation-line-data-leak
LY Corporation: 7.1 Million LINE Game Users Exposed via Ad Tracker Misconfiguration
LY Corporation, the operator of the widely used LINE messaging app, has confirmed a data leak affecting more than 7.1 million users of its game services. According to the company, data was mistakenly transmitted to a third-party ad tracking company continuously since May 2022. The incident came to light in April 2026 and spans three separate games. LY Corporation says the exposed data has since been disposed of by the third party, and no unauthorized use has been reported.
What Happened
LY Corporation disclosed that a misconfiguration in its game services caused user data to be sent to an external advertising tracking company. The unintended data flow began in May 2022 and continued undetected for nearly two years before surfacing in April 2026. The leak affected roughly 7.1 million users across three of the company's games. The company has apologized for the inconvenience and anxiety caused to its users and pledged to implement measures to prevent a recurrence.
What Was Taken
The leaked data consisted of random strings of characters used to identify game players. LY Corporation stresses that these identifiers are unrelated to the LINE ID that users rely on to add friends. Critically, the company states the data did not include names, addresses, or phone numbers. While the exposure of pseudonymous player identifiers is less severe than a leak of directly identifying information, the volume of affected users at 7.1 million makes this a significant privacy event. The third-party company has reportedly disposed of the data, and no misuse has been detected to date.
Why It Matters
This incident is a textbook case of unintentional data exposure through third-party tracking, a category of risk that often goes unnoticed for extended periods. The nearly two-year gap between the start of the leak and its discovery underscores how misconfigured analytics and advertising integrations can silently exfiltrate user data at scale. For a platform of LINE's reach, even pseudonymous identifiers carry re-identification risk when combined with other datasets held by advertising networks. Defenders should treat this as a reminder that the third-party data supply chain is a live attack and exposure surface, not just first-party systems.
The Attack Technique
This was not an external breach or intrusion by a threat actor. The root cause was an internal misconfiguration that routed player identification data to a third-party ad tracker, likely through an embedded SDK, tracking pixel, or analytics integration. Such tracking components are commonly bundled into mobile games to measure user acquisition and engagement, and misconfigured consent or data-sharing settings can cause them to receive far more data than intended. The prolonged duration suggests the errant data flow was not caught by routine monitoring, code review, or data governance controls.
What Organizations Should Do
- Audit all third-party SDKs, tracking pixels, and analytics integrations to confirm exactly what data each component transmits and to which external endpoints.
- Implement egress monitoring and data loss prevention controls to detect unexpected outbound flows of user identifiers to external parties.
- Enforce data minimization so that advertising and analytics tools receive only the fields strictly required, never internal player or account identifiers.
- Establish periodic reviews of vendor data-sharing configurations, treating tracker settings as security-relevant and subject to change control.
- Map and document your third-party data supply chain, including sub-processors, so misdirected data can be identified and contained quickly.
- Validate consent and data-flow settings after every SDK update, since library upgrades can silently alter default data collection behavior.
Sources: LINE operator says data leaked on 7 million users | NHK WORLD-JAPAN News