The work messaging app said Thursday that it's resetting passwords for about 1% of Slack accounts due to a 2015 security incident.
After the attack in 2015, Slack admitted that the hackers had been able to gain access to a database storing user-profile information, including user names, email addresses and their passwords.
Security breaches are all too common these days in the tech world with nearly every company at some point in time having to learn the lesson of certain security flaws and deal with potentially hacked accounts. As per best practice, these passwords had been hashed the company said, and ought therefore be secure, although the attackers were also able to capture some passwords in plain text as they were entered by users at the time.
Those account owners were notified, some password resets forced, and Slack made available two-factor authentication and a "password kill switch" for team owners, which allows them to reset passwords and terminate active sessions of each member of their team.
We were recently contacted through our bug bounty program with information about potentially compromised Slack credentials. This incident involved the breach of a Slack database that contained user profile information, which included usernames, encrypted passwords, and email addresses.
Boeing to take $5B hit due to 737 MAX groundings
Southwest, the world's largest MAX operators with 34 jets, and American are due to report quarterly earnings on July 25. Boeing is still building Max jets, although at a reduced pace, but it halted deliveries of completed planes in March.
Swedish Prosecutors Want To Keep A$AP Rocky In Jail Another Week
Regarding the upcoming hearing on July 25 Jovicic said, "we need to be prepared and assume the prosecutor will press charges". Soon after the news of his arrest broke, the movement #JusticeForRocky pushed for the rapper's release.
NYC heat wave: Just how hot will it get this weekend?
Storms are moving through the Chicago area Thursday morning ahead of an Excessive Heat Warning goes that goes into effect at noon. In several cities, buildings are being offered as cooling centers and residents are being asked to check on family and neighbors.
But as ZDNet reported earlier today, the company recently received a batch of Slack users credentials, which prompted the company to start an investigation into its source and prepare a password reset procedure. While analyzing the credentials of the affected users, the company soon noticed that they are indeed related to the 2015 hack.
Any users who created their account before this March 2016 who have not changed their passwords since and who do not use single-sign-on can expect to have their passwords reset by the company.
Slack is directly informing people who are affected by the reset, including room admins. Therefore, for your account security, if you have a Slack account change its password even if you are not impacted by the breach.
Slack said it had "no reason to believe that any of these accounts were compromised" and that it was taking this step as a precaution.