The Japanese media conglomerate Nikkei, famous for its major financial publications like The Nikkei and the Financial Times, recently reported a significant cybersecurity incident involving unauthorized access to its internal communication platform, Slack. The breach was confirmed to have compromised data belonging to thousands of individuals. An investigation revealed that the incident originated with malware infecting an employee’s personal computer, which was used to steal their Slack credentials.
Once the credentials were stolen, the attacker used them to gain access to several employee Slack accounts. This unauthorized access allowed the malicious actor to siphon off various pieces of information relating to both employees and external business partners. Ultimately, the company discovered that names, email addresses, and chat histories for over 17,000 of Nikkei’s Slack users had been compromised in the attack.
Despite the scale of the information theft, Nikkei released a clarification to assure the public that the most sensitive corporate data remained secure. The company stated unequivocally that “No leakage of information related to sources or reporting activities has been confirmed.” The breach itself was initially discovered in September, and Nikkei’s immediate response included changing passwords across the platform as a key part of its incident response protocols.
Although the specific types of data compromised did not legally mandate a public disclosure to authorities, Nikkei made the decision to voluntarily report the incident. They submitted a report to Japan’s Personal Information Protection Commission, choosing transparency in their handling of the cybersecurity event. This type of threat is increasingly common, as firms like Hudson Rock, which monitor infostealer activity, report that this specific class of malware has been responsible for compromising more than 270,000 Slack credentials globally.
This latest Slack breach is not the first data security challenge the media giant has faced in recent years. In 2022, Nikkei also dealt with a separate incident involving a ransomware attack that specifically impacted and compromised customer information. These successive breaches highlight the persistent and evolving cybersecurity threats facing major organizations in the media and finance sectors.
Reference:
