Slack will reset the passwords of customers it believes are affected by a historic knowledge breach that affected the corporate greater than 4 years in the past.
In 2015, the corporate stated it was hit by hackers who gained entry to its consumer profile database, together with their scrambled passwords. However the hackers inserted code that scraped the consumer’s plaintext password because it was entered by customers on the time.
Slack stated it was not too long ago contacted by way of its bug bounty a few record of allegedly compromised Slack account passwords. The corporate believes the case might relate to the 2015 knowledge breach incident.
Slack stated the safety incident doesn’t apply to “the roughly 99% who joined Slack after March 2015” or those that modified their password since.
Accounts that require single sign-on by way of an organization’s community are usually not affected.
The corporate additionally stated it has no cause to imagine accounts have been compromised however supplied no proof for its declare.
Slack stated 1% of accounts in 2015 have been affected by the breach. An earlier report prompt that the determine might quantity to 65,000 accounts. When reached, a Slack spokesperson wouldn’t remark additional nor verify the determine.
Slack not too long ago debuted on the New York Inventory Alternate, valuing the corporate at about $15.7 billion.