top of page
Search

"Hackers Breach Nikkei's Slack, Steal 17K Messages and Personal Data"

  • Nov 6, 2025
  • 2 min read

Background


  • Nikkei Inc., a major Japanese financial news and media group, including the Financial Times, disclosed a data breach affecting its internal Slack workspace.

  • The breach was first discovered in September 2023 after noticing unusual logins to employee messaging accounts.

  • The incident led to the exposure of sensitive, private information belonging to over 17,000 people, including employees and business partners.


Key Findings


The Entry Point: A Stolen Slack Account


  • The breach started when an employee's personal computer was infected with malware, allowing attackers to steal login credentials.

  • The compromised credentials were then used to gain unauthorized access to Nikkei's internal Slack workspace.

  • The attackers were able to access the names, email addresses, and chat histories of 17,368 individuals registered on the Slack platform.


Response and Risk Assessment


  • Nikkei took immediate action, implementing password resets and other containment measures.

  • The company voluntarily informed the Personal Information Protection Commission in Japan about the incident.

  • Nikkei issued a statement, assuring that no information related to journalistic sources or reporting activities was compromised.

  • This is not the first security issue for Nikkei, as the company lost $29 million in 2019 due to a Business Email Compromise (BEC) scam.


Expert Commentary


  • Mayank Kumar, Founding AI Engineer at DeepTempo, noted that the initial malware was a small move, with the real objective being to steal valid login details.

  • This allowed the criminals to operate unnoticed inside the network and blend seamlessly into normal business activities.

  • The critical challenge is recognizing when an authorized user is performing an action (like scraping 17,000 records) that is fundamentally different from their normal activity.


Conclusion


The Nikkei Slack breach highlights the growing risks associated with the use of cloud-based collaboration platforms, particularly when they are not properly secured and configured. The exposure of sensitive personal data and internal communications raises compliance concerns and could have significant reputational and legal implications for the media conglomerate.


Sources


  • https://hackread.com/nikkei-data-breach-hackers-steal-data-slack-messages/

  • https://dailysecurityreview.com/cyber-security/information-security/nikkei-slack-breach-exposes-17000-employees-and-partners-data/

Recent Posts

See All
Defeating AI with AI

Key Findings Generative AI and agentic AI are increasingly used by threat actors to conduct faster and more targeted attacks. One capability that AI improves for threat actors is the ability to profil

 
 
 

Comments

  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page