In response to media reports that malicious parties exploited Taiwan Mobile’s voicemail function and LINE’s verification mechanism to steal user accounts, the Ministry of Digital Affairs (MODA) stated that it immediately urged both companies to clarify the incident and take swift remedial action. At the same time, MODA also instructed the three major telecommunications operators to conduct a comprehensive review to further safeguard users’ rights and interests. Taiwan Mobile completed the necessary system and process corrections this morning (1st), while LINE launched an investigation into the incident and established customer service support mechanisms to assist users experiencing abnormal account activity.

MODA further explained that Taiwan Mobile’s investigation found that the affected system was the voicemail service originally used by former Taiwan Star subscribers (Taiwan Mobile and Taiwan Star officially merged on December 1, 2023, with Taiwan Star integrated into Taiwan Mobile). Because the voicemail service used a default password, if users did not change the preset password, unauthorized parties could access voicemail messages by entering the user’s mobile number and the default password, and could then obtain LINE’s voice verification code. Taiwan Mobile has since urgently patched the vulnerability by directing users attempting to access voicemail with the default password to customer service, where their identity is verified before their voicemail password is reset, thereby enhancing voicemail security.

To safeguard users’ rights and interests, MODA has instructed the three major telecommunications operators, Taiwan Mobile, Chunghwa Telecom, and Far EasTone Telecommunications, to conduct a comprehensive review and ensure that no similar vulnerabilities exist in any services provided to users. Taiwan Mobile has also reported the cybersecurity incident to MODA in accordance with the Cyber Security Management Act.

MODA explained that, on the LINE side, the company has launched an investigation into the incident and continues to closely monitor platform security. For cases involving abnormal account activity, LINE has also established customer service support mechanisms, providing different account recovery and follow-up procedures depending on whether the user’s account is linked to an Apple or Google account.

MODA will continue to closely monitor developments related to the incident and the effectiveness of account security mechanisms on instant messaging platforms, while overseeing service providers to prevent similar incidents from occurring again. The Ministry also reminded the public that if any abnormal account activity is detected, users should promptly seek assistance through official customer service channels and pay close attention to their account security settings and login status. If a verification code is received without being requested by the user, extra caution should be taken. Users are also advised to avoid using default settings or clicking on suspicious links to reduce the risk of account misuse or unauthorized access.