Hi! You may have heard about Nikkei, the large Japanese media group which owns the Financial Times. They've reported that a data breach has occurred that affects nearly 17,000 individuals. If you're interested in reports of breaches related to changes in online security, this one may be appealing to you.
• Hackers accessed the Slack accounts of Nikkei employees using the stolen passwords.
• Those passwords were harvested from a vendor's computer that had been compromised by a malware infection.
• These accounts contain a vast quantity of information, including names, email addresses, and chat messages of as many as 17,368 people.
• Nikkei detected this issue in September and required all involved to reset their passwords quickly.
Importantly, they reported it to Japan's Personal Information Protection Commission, although they had no obligation to do so. According to Nikkei, "no confidential journalist data or reporting information was part of the data that was taken."
Companies using Slack and other channels are not just a chatroom. Once people have come unauthorized access to the company's Slack, they would be able to access all chats that could contain other information of employees. It is not only the number of people affected; it is mainly what the hackers are able to access.
• One hacked computer can cause a company huge setbacks in security.
• Slack and other similar chat tools hold private data, pro-tect them just like you protect email and email servers.
• Transparency is good; it's good that Nikkei told the public even though they didn't have to disclose.
• Always have multi-factor authentication.
If you use Slack, Teams, or Discord, treat your accounts with some reverence — protect them before the next person pokes around.
What Occurred?
Here's the brief description:• Hackers accessed the Slack accounts of Nikkei employees using the stolen passwords.
• Those passwords were harvested from a vendor's computer that had been compromised by a malware infection.
• These accounts contain a vast quantity of information, including names, email addresses, and chat messages of as many as 17,368 people.
• Nikkei detected this issue in September and required all involved to reset their passwords quickly.
Importantly, they reported it to Japan's Personal Information Protection Commission, although they had no obligation to do so. According to Nikkei, "no confidential journalist data or reporting information was part of the data that was taken."
Why It Matters
You might think, "17,000 is a small number," correctly so. It's not like those massive hacks we've seen with millions of users. However, this is significant. Why? Because hackers accessed organization's internal chat messages.Companies using Slack and other channels are not just a chatroom. Once people have come unauthorized access to the company's Slack, they would be able to access all chats that could contain other information of employees. It is not only the number of people affected; it is mainly what the hackers are able to access.
What We Can Learn
There are a few things to note:• One hacked computer can cause a company huge setbacks in security.
• Slack and other similar chat tools hold private data, pro-tect them just like you protect email and email servers.
• Transparency is good; it's good that Nikkei told the public even though they didn't have to disclose.
• Always have multi-factor authentication.
Final Thoughts
Therefore, while the report “Media giant Nikkei suffers data breach affecting 17,000 individuals and leak of 800,000 accounts” is far from the largest breach of all time, it certainly serves a great reminder of how even a well-known and reputable company can deliver an exposure of sensitive data.If you use Slack, Teams, or Discord, treat your accounts with some reverence — protect them before the next person pokes around.