Malware-pwned laptop gifts cybercriminals Nikkei's Slack

Malware-pwned laptop gifts cybercriminals Nikkei's Slack

Briefly

"exposing the personal details of more than 17,000 employees and business partners. The company blamed the intrusion on malware that infected an employee's device, letting attackers pinch Slack credentials and waltz into its chat system. Once the suspicious activity was spotted, Nikkei said it called in the incident to Japan's Personal Information Protection Commission - even though it may not technically have been obliged to do so under local privacy law."

"In total, 17,368 people were caught up in the mess, with names, email addresses, and Slack chat histories potentially exposed. The publisher insisted that "no leakage of information related to sources or reporting activities has been confirmed," though any leak of internal chatter is bound to sting for a media outfit built on confidentiality. The company has not disclosed how long the attackers had access or whether the compromised Slack channels contained sensitive commercial material."

"The breach is the latest reminder that collaboration platforms are prime targets for hackers. Slack and its ilk have become the digital equivalent of the office watercooler, only this one's wired straight into the internet and brimming with corporate secrets. One compromised laptop, it turns out, can be enough to open the door to an organization's entire communications network. Unsurprisingly, attackers have increasingly turned their attention to these workplace chat systems, knowing that employees tend to share passwords, documents, and unguarded opinions in supposedly private"