CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Nikkei Slack Platform Breach Exposes 17,000 People's Data

First reported
Last updated
2 unique sources, 2 articles

Summary

Hide ▲

Japanese media corporation Nikkei disclosed a data breach affecting 17,368 individuals. Attackers accessed employee Slack accounts using credentials stolen after malware infected an employee's computer. The breach was discovered in September 2025, and the compromised information includes names, email addresses, chat histories, and potentially sensitive data such as trade secrets. Nikkei voluntarily reported the incident to Japan's Personal Information Protection Commission, despite not being legally required to do so. The breach did not impact confidential sources or journalistic data. This incident marks the latest in a series of cyberattacks against Nikkei, including a $29 million loss in a 2019 business email compromise (BEC) attack.

Timeline

  1. 04.11.2025 18:28 2 articles · 6d ago

    Nikkei Slack Platform Breach Discovered in September 2025

    Nikkei discovered a data breach in September 2025, where attackers gained access to employee Slack accounts using stolen credentials from malware-infected computers. The breach exposed the personal information of 17,368 individuals, including names, email addresses, chat histories, and potentially sensitive data such as trade secrets. Nikkei voluntarily reported the incident to Japan's Personal Information Protection Commission and implemented immediate security measures. The breach affected both employees and business partners, though the exact number of third parties impacted is unclear.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Discord User Data Compromised in Third-Party Breach

Hackers claim to have stolen data from 5.5 million unique Discord users after compromising a third-party customer service provider. The attack occurred on September 20, 2025, affecting users who interacted with Discord’s customer support and/or Trust and Safety teams. The breach appears to be financially motivated, with hackers demanding a ransom. The Scattered Lapsus$ Hunters (SLH) threat group claimed responsibility for the attack, stating they breached a Zendesk instance used by Discord for customer support. The compromised data includes real names, usernames, email addresses, contact details, IP addresses, messages, attachments, photos of government-issued identification documents, partial billing information, and purchase history. Discord took immediate action to isolate the support provider from its ticketing system and launched an investigation with the help of a forensics firm and law enforcement. The hackers also accessed corporate data, including training materials and internal presentations. Discord has notified law enforcement and relevant data protection authorities about the incident. No full credit card numbers, CVV codes, passwords, or authentication data were compromised. Additionally, no messages or activity on Discord outside of communication with customer support were obtained by the attackers.

Open in new tab

Renault and Dacia UK Customers Affected by Third-Party Data Breach

Renault and Dacia UK customers have been notified of a data breach affecting personal information shared with a third-party provider. The breach exposed full names, gender, phone numbers, email addresses, postal addresses, vehicle identification numbers, and vehicle registration numbers. The third-party provider has isolated the incident and removed the threat from its networks. The affected customers are advised to be vigilant against potential phishing and social engineering attacks. The number of impacted customers and the identity of the third-party provider have not been disclosed. The breach follows a significant cyberattack at Jaguar Land Rover in the UK, which disrupted operations for nearly a month, and is part of a string of breaches in the transport sector, impacting JLR, Collins Aerospace, and LNER.

Open in new tab

Qantas Data Breach Affects 5.7 Million Passengers, Executive Pay Reduced

Qantas suffered a data breach in June 2025, exposing personal information of approximately 5.7 million passengers. The breach occurred through a third-party platform used by a customer service contact center. In response, Qantas reduced executive pay by 15%, equating to a $250,000 reduction for CEO Vanessa Hudson. The breach was attributed to the UNC6040 group, affiliated with ShinyHunters, which also targeted other companies using Salesforce as an entry point. The compromised data included names, email addresses, frequent flyer numbers, and some additional personal information. No payment card numbers, financial information, passport numbers, or Qantas account credentials were impacted. Qantas has warned customers of increased scam and phishing activities and has implemented additional security measures.

Open in new tab

Chess.com suffers data breach via third-party file transfer app

Chess.com experienced a data breach in June 2025, where unauthorized actors accessed a third-party file transfer app used by the platform. The breach occurred between June 5 and June 18, affecting approximately 4,500 users out of the platform's 100 million user base. The compromised data includes names and other personally identifiable information (PII). Chess.com discovered the breach on June 19 and has since taken measures to secure its systems and notify law enforcement. The platform is offering impacted users free identity theft and credit monitoring services. This is the second cyber incident for Chess.com in recent years, following a 2023 data breach where over 800,000 user records were scraped and posted online.

Open in new tab