The U.S. exchange operator disclosed in February that it was investigating a breach into its network.
Nasdaq OMX Group identified that its systems were hacked last year, and removed malicious software from its servers in October. That sparked an investigation involving the FBI and National Security Agency that is ongoing.
Trading platforms were not compromised, the exchange said when it disclosed the attack in February, although an Internet-based software program was attacked.
Nasdaq sells that program, called Directors Desk, to listed and private companies, which use it to let board members get access to and share documents and communicate with executives, among other things.
While the Directors Desk was infected, hackers were able to access confidential documents and communications of the directors who got access to the program, said Tom Kellermann, chief technology officer with security technology firm AirPatrol Corp.
Another person familiar with the investigation confirmed Kellermann's account of the matter, but declined to be identified by name because he is not authorized to discuss the matter.
(Reporting by Jim Finkle. Additional reporting by Jonathan Spicer in New York. Editing by Robert MacMillan)