Slack resetting passwords for users impacted by 2015 breach

over 2 years ago by IanDorfman

Slack has announced that it is resetting passwords for around 1% of users due to newly unearthed information regarding a 2015 security breach that impacted the workplace collaboration service.

The breach was discovered via a tip sent to the company via its bug bounty program, with an immediate confirmation that "a portion" of the email and password combinations were valid and could be used by the attacker to log in to accounts that did not belong to them.

User accounts that meet all three of the following criteria will be subject to this password reset:

• Account was created your account before March 2015
• Account password has not been changed since March 2015
• Account does not require logging in via a single-sign-on (SSO) provider

The blog post that details these actions further described that the company has "no reason to believe that any of these accounts were compromised," but is resetting the passwords anyway due to feeling the value of precautionary measures being taken far outweighs any potential inconvenience caused to the 1% of total Slack users that were active at the time of this breach.

Steps to properly reset your Slack account password can be found via an article on Slack's official Help Center.

Further coverage:
The Official Slack Blog
TechCrunch

Slack

  • FreemiumProprietary
  • Mac
  • Windows
  • Linux
  • Android
  • iPhone
  • Chrome OS
  • Android Tablet
  • iPad
  • Electron / Atom Shell
  • Software as a Service (SaaS)

Slack is a unified communication platform built with an optimized workflow to keep modern teams focused and productive. A familiar chat interface facilitates discussions while advanced features are easily exposed based on context.

801 likes 217 Alternatives

❯ Alternatives to Slack