Workplace Apps Collect Extensive User Data, Raising Privacy and Security Concerns A recent study by Incogni, analyzing data from the Google Play Store as of March 20, 2026, reveals that ten widely used workplace apps including Gmail, Microsoft Teams, Zoom Workplace, Slack, and Notion collect an average of 19 data points per app, with some sharing sensitive information with third parties. These apps, cumulatively downloaded over 12.5 billion times, are integral to U.S. corporate operations but pose significant privacy and security risks. Data Collection and Sharing Practices Gmail leads in data harvesting, collecting 26 distinct data types, including approximate location, app interactions, and user IDs for advertising. Microsoft Teams and Zoom Workplace follow closely, with 25 and 23 data types, respectively both uniquely gathering precise location data. Six of the ten apps, including Slack, Notion, and Zoom Workplace, use collected data for marketing, with Slack, Todoist, and Notion specifically harvesting employee email addresses for this purpose. Notion stands out for its outbound data flow, sharing eight data types such as email addresses, names, and device IDs with third parties, including advertising partners. The app’s privacy policy permits tracking tools on user browsers, raising concerns over the exposure of sensitive workspace content like HR records and client data. Regulatory scrutiny has intensified, particularly after the EU’s Data Protection Board tightened GDPR requirements in December 2024 regarding personal data use in AI training, directly impacting Notion’s third-party model integrations. Security Vulnerabilities and Breach History Most apps in the study have a history of breaches. In January 2026, a 96-gigabyte database containing 149 million login credentials 48 million tied to Gmail was exposed, attributed to infostealer malware on user devices. Slack suffered a November 2025 breach where attackers used stolen credentials to access accounts of over 17,000 Nikkei employees, exposing names, emails, and chat histories. Trello, Zoom, and Microsoft products have also faced incidents, with Trello data appearing for sale in January 2024. Workday is the only app in the analysis without a user data deletion option, despite holding employment records and payroll details. In August 2025, the platform confirmed two breaches linked to its Salesforce CRM, where attackers obtained business contact information as part of a ShinyHunters social engineering campaign. BYOD Risks and Platform Disparities Many employees install these apps on personal devices, exposing contact details, financial data, and location information to advertising networks or corporate administrators. Slack, for example, lacks end-to-end encryption, allowing workspace owners to access direct messages and private channels. While the study focuses on Google Play data, Incogni notes that iOS disclosures may differ, though past comparisons suggest similar privacy practices across platforms. The findings highlight the trade-offs between workplace productivity and data exposure, with recurring breaches and extensive tracking underscoring the risks of integrating these tools into daily operations.

Nikkei Inc., a leading Japanese business news publisher, experienced a security breach after an employee’s personal computer was infected with malware, leading to unauthorized access to its internal Slack workspace. The incident resulted in the exfiltration of authentication credentials, exposing sensitive internal communications and personal data of up to 17,368 individuals, including full names, email addresses, and chat histories. While no evidence suggests journalistic sources or editorial materials were compromised, the breach highlights vulnerabilities tied to personal device usage for corporate access. Nikkei responded with containment measures (password resets, access reviews) and voluntarily reported the incident to Japan’s Personal Information Protection Commission, emphasizing transparency and a commitment to strengthening data protection. No public leaks or direct misuse of the data have been confirmed to date.

Japanese media company Nikkei confirmed a security breach involving its Slack accounts, stemming from an employee’s personal computer infected with malware. The infection led to the leakage of Slack authentication credentials, which were then exploited to gain unauthorized access to employee accounts. The breach, discovered in September, exposed highly sensitive data—including names, email addresses, and chat histories—of 17,368 registered users. While Nikkei implemented countermeasures like password resets and voluntarily reported the incident to Japan’s Personal Information Protection Commission, the breach underscores risks tied to non-corporate device access to confidential data. Notably, no compromise of sources or reporting activities was confirmed, but the exposure of internal communications and employee/customer data poses significant reputational and operational risks. The incident highlights vulnerabilities in third-party platform security (Slack) and the dangers of credential theft via infected personal devices.

Japanese media giant Nikkei suffered a data breach after attackers infiltrated its internal Slack workspace via malware on an employee’s device, compromising Slack credentials. The intrusion exposed personal details—including names, email addresses, and chat histories—of 17,368 employees and business partners. While Nikkei confirmed no leakage of journalistic sources or reporting activities, the exposure of internal communications poses a significant reputational risk for a media organization reliant on confidentiality. The company reported the incident to Japan’s Personal Information Protection Commission, though local laws may not have required disclosure. No evidence yet suggests the stolen data has surfaced online, but the breach highlights vulnerabilities in collaboration platforms like Slack, which have become prime targets for credential theft, phishing, and malware-driven attacks. Nikkei reset passwords and pledged to strengthen data protection measures, but the incident underscores the fragility of trust when sensitive corporate communications are exposed.

Japanese media conglomerate Nikkei suffered a cyber breach after hackers exploited malware on an employee’s device to steal login credentials and gain unauthorized access to its internal Slack communication system. The incident, discovered in September but disclosed in late November, exposed the names, email addresses, and chat histories of over 17,300 users, including employees and business partners. While no journalistic sources or reporting-related data were compromised, the breach highlights vulnerabilities in internal communication platforms. Nikkei, which owns the Financial Times and operates globally with 3,000+ employees, reported the incident to Japanese authorities despite the leaked data not being legally classified as 'personal information' under local laws. The company emphasized plans to strengthen personal information management to prevent recurrence. This follows a 2022 ransomware attack on Nikkei’s Singapore headquarters, underscoring a pattern of cyber threats targeting media organizations.

Nikkei vitnesed incidents of unauthorized access to some email accounts used by Nikkei China (Hong Kong), an overseas group company. The access raised concerns regarding the leak of personal information, including the names of customers.

Nikkei Inc., the publisher of the business daily The Nikkei and other media experienced a cyber security incident. Personal information on a total of 12,514 people had been leaked after a computer used by a group company employee was infected with a virus in an apparent cyberattack. The leaked information included the names and email addresses of board members, regular and part-time employees, and others at the Nikkei headquarters and some of its group companies.

Nikkei Inc., the Japanese financial news and media conglomerate (owner of the Financial Times), suffered a major cyber breach in September 2024 after an employee’s infected personal computer led to stolen Slack credentials. Attackers exploited this to access Nikkei’s internal Slack workspace, exposing sensitive data of 17,368 individuals, including employees and business partners. Compromised information included names, email addresses, and chat histories, though no journalistic sources or reporting data were leaked. The breach mirrors a growing trend where criminals leverage stolen data for extortion rather than deploying ransomware. Nikkei responded with password resets, voluntary disclosure to Japan’s Personal Information Protection Commission, and a public commitment to strengthening data security. This incident follows a 2019 BEC scam where Nikkei lost $29 million, highlighting persistent vulnerabilities in its cybersecurity posture. Experts noted the attack’s sophistication, as valid credentials bypassed traditional security tools (SIEM/NDR), emphasizing the need for behavioral anomaly detection.