The work messaging app said Thursday that it's resetting passwords for about 1% of Slack accounts due to a 2015 security incident.
After the attack in 2015, Slack admitted that the hackers had been able to gain access to a database storing user-profile information, including user names, email addresses and their passwords.
Security breaches are all too common these days in the tech world with nearly every company at some point in time having to learn the lesson of certain security flaws and deal with potentially hacked accounts. As per best practice, these passwords had been hashed the company said, and ought therefore be secure, although the attackers were also able to capture some passwords in plain text as they were entered by users at the time.
Those account owners were notified, some password resets forced, and Slack made available two-factor authentication and a "password kill switch" for team owners, which allows them to reset passwords and terminate active sessions of each member of their team.
We were recently contacted through our bug bounty program with information about potentially compromised Slack credentials. This incident involved the breach of a Slack database that contained user profile information, which included usernames, encrypted passwords, and email addresses.
Unai Emery provides update on Rob Holding’s injury
Unai Emery has admitted that Arsenal captain Laurent Koscielny could "possibly" leave Arsenal this summer. This act of insubordination was done in an attempt to force a move out of The Emirates Stadium.
Oilers deal Lucic to Flames
Neal also failed to meet expectations last season, amassing seven goals and 19 points in his lone season with the Flames. Beyond the change of scenery thing, Neal's contract would be much easier to buy out than Lucic's buyout-proof deal.
Bayliss appointed as Sunrisers head coach
In IPL 2019, SRH were knocked out by Delhi Capitals (DC) in the eliminator beating them by two wickets. Last but not least, SRH franchise also thanked Tom Moody for his huge contribution to their franchise.
But as ZDNet reported earlier today, the company recently received a batch of Slack users credentials, which prompted the company to start an investigation into its source and prepare a password reset procedure. While analyzing the credentials of the affected users, the company soon noticed that they are indeed related to the 2015 hack.
Any users who created their account before this March 2016 who have not changed their passwords since and who do not use single-sign-on can expect to have their passwords reset by the company.
Slack is directly informing people who are affected by the reset, including room admins. Therefore, for your account security, if you have a Slack account change its password even if you are not impacted by the breach.
Slack said it had "no reason to believe that any of these accounts were compromised" and that it was taking this step as a precaution.