Japanese media giant Nikkei on Tuesday reported that hackers had gained access to employee Slack accounts, stealing information pertaining to thousands of individuals.
Nikkei, which is best known for major financial publications such as The Nikkei and Financial Times, said the incident involved malware stealing Slack credentials from an employee’s personal computer.
The credentials were then used to access employee Slack accounts, which enabled the attacker to steal information pertaining to employees and business partners.
An investigation showed that names, email addresses and chat histories belonging to over 17,000 of Nikkei’s Slack users were compromised.
“No leakage of information related to sources or reporting activities has been confirmed,” the company clarified.
The hack was discovered in September and passwords have been changed as part of the company’s incident response procedures.
Nikkei noted that while the type of compromised information did not require it to disclose the data breach to authorities, it decided to voluntarily report the incident to Japan’s Personal Information Protection Commission.
Infostealer malware has been known to collect Slack credentials from infected devices. Hudson Rock, which closely monitors infostealer activity, reports that this type of malware has compromised more than 270,000 Slack credentials. The company has identified the infostealer instance that was likely reponsible for the theft of Nikkei Slack credentials.
This is not the only data breach disclosed by Nikkei in recent years. In 2022, the company was targeted in a ransomware attack that impacted customer information.
*updated with information from Hudson Rock
Related: 10 Million Impacted by Conduent Data Breach
Related: Open VSX Downplays Impact From GlassWorm Campaign
Related: Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark Forums
