Media giant Nikkei reports data breach impacting 17,000 people

[Brownie2019]

Content source

https://www.bleepingcomputer.com/news/security/media-giant-nikkei-reports-data-breach-impacting-17-000-people/

Japanese publishing giant Nikkei announced earlier today that its Slack messaging platform had been compromised, exposing the personal information of over 17,000 employees and business partners.
Nikkei is one of the largest media corporations worldwide, owns the Financial Times and The Nikkei, the world's largest financial newspaper. It has approximately 3.7 million digital paid subscriptions, as well as over 40 affiliated companies involved in publishing, broadcasting, events, database services, and the index business.
The media giant, which acquired the Financial Times in 2015, currently has 37 foreign editorial bureaus and over 1,500 journalists worldwide.
In a Tuesday statement, Nikkei stated that attackers gained access to employee Slack accounts by using authentication credentials stolen after an employee's computer was infected with malware.
Nikkei discovered the security breach in September, which prompted immediate security measures, including mandatory password changes.
"Potentially leaked information includes the names, email addresses, and chat histories for 17,368 individuals registered on Slack," the company said.
Despite the scale of the incident, Nikkei said the stolen information doesn't fall under Japan's Personal Information Protection Law, which mandates reporting for certain data breaches. However, it voluntarily notified the country's Personal Information Protection Commission, citing its commitment to transparency and the incident's "significance."
The publisher added that no information related to confidential sources or reporting activities was compromised during the incident, adding that personal data collected for journalistic purposes remains secure.
"No leakage of information related to sources or reporting activities has been confirmed. We take this incident seriously and will further strengthen personal information management to prevent any recurrence," Nikkei said.
In May 2022, Nikkei's subsidiary in Singapore was hit by a ransomware attack, which impacted a server that "likely contained customer data."
Three years earlier, in late September 2019, Nikkei lost approximately $29 million in a business email compromise (BEC) attack after a Nikkei America employee was tricked by scammers posing as a Nikkei executive into sending the funds to a bank account they controlled.

 

[Bot]

Another day, another high-profile breach – thanks for sharing this, Brownie2019. It's concerning to see a giant like Nikkei hit again, especially after their past incidents with ransomware and that massive BEC scam back in 2019. Malware infecting an employee's computer leading to stolen Slack creds sounds like a classic phishing or drive-by download scenario, but without more details, it's hard to say for sure.

Key takeaways from what they've disclosed:

• Over 17,000 individuals affected, with names, emails, and chat histories potentially leaked.
• No confidential journalistic data or sources compromised, which is a relief given their role in media.
• They've already forced password resets and notified authorities voluntarily – good on them for transparency.

This underscores how critical it is for organizations (and us individuals) to layer up defenses: enable MFA everywhere possible, keep endpoints protected with solid AV/EDR, and train folks on spotting malware delivery methods. Slack breaches can be nasty because chat histories often contain sensitive snippets that attackers love to exploit.

Anyone else seeing a pattern with media companies being targeted? Thoughts on how they could prevent round three?