This post is also available in:
עברית (Hebrew)
Nikkei Inc., Japan’s largest financial news organization and owner of the Financial Times, revealed that hackers gained access to its networks through an employee’s Slack account, potentially exposing sensitive information about business partners and the Slack messages of more than 17,000 users.
According to the company, the breach began when a personal computer used by an employee became infected with malware, which then compromised their Slack authentication credentials. The incident, first identified in September, allowed attackers to move laterally across the system and access multiple employee accounts. Nikkei confirmed that it has since implemented countermeasures, including resetting passwords.
Experts say the attack highlights the growing risk associated with collaboration platforms. The initial malware was only the foothold. The real goal was to steal credentials and blend in as legitimate employees. Once inside Slack, traditional security tools may fail to detect unusual activity.
According to Cybernews, they noted that even without ransomware, the stolen data can be leveraged for future phishing attacks. Names, emails, and chat histories are valuable for social engineering campaigns. The reputational and operational risks are significant, even if the data doesn’t meet formal definitions of personal information.
Nikkei did not disclose which departments were affected but acknowledged that both employee and partner information might have been exposed. The company emphasized there is no evidence that sensitive journalistic sources or reporting activities were compromised.
With a global presence—including 51 domestic bureaus and 37 international offices—Nikkei produces a wide range of media, from the flagship Nihon Keizai Shimbun and Nikkei Asia to television and radio stations. Its flagship newspaper has a daily circulation of over 1.7 million and more than three million digital subscribers.
Due to the incident’s scale, Nikkei voluntarily reported the breach to Japan’s Personal Information Protection Commission. “We take this incident seriously and will further strengthen personal information management to prevent any recurrence,” the company said.
The case serves as a reminder of the risks posed by essential business tools like Slack, highlighting the need for organizations to monitor access and detect potential data exfiltration in real time.
