Overview
- Nikkei announced on November 4 that personal data and chat histories for 17,368 people may have been taken from its Slack environment.
- Investigators believe attackers used Slack credentials stolen from a malware-infected, personally owned computer to log into an employee account.
- Potentially exposed information includes names, email addresses, and Slack conversation histories registered in the service.
- Those possibly affected include employees and business partners, with the company detecting the issue in September and initiating password changes.
- Nikkei says it has found no evidence that reporting sources or reporting-related information leaked and is strengthening controls to prevent a recurrence.