Slack says that through its bug bounty program, the company has newly received a set of compromised user credentials from the Great Slack Hack of 2015.
Remember that one? No? Well, it's why Slack has two-factor authentication now.
Credentials for about 65,000 Slack users were impacted, but Slack says they're now resetting the passwords for all users who were active in 2015. Four years later, yep.
Catalin Cimpanu writes for Zero Day that this means about 1 percent of Slack users are getting a mandatory password reset.
We immediately confirmed that a portion of the email addresses and password combinations were valid, reset those passwords, and explained our actions to the affected users," Slack said.
In a message on its website, Slack said this batch of credentials came via its bug bounty program. The company said it initially believed the data came from users who had their PCs infected with malware, or users who reused passwords across different services.
"However, as more information became available and our investigation continued, we determined that the majority of compromised credentials were from accounts that logged in to Slack during the 2015 security incident," Slack said.
While the batch of compromised credentials included 65,000 passwords, today, Slack decided to reset passwords for all users who were active at the time of the 2015 breach -- except users who already changed their password since then, or those who use single-sign-on (SSO) solutions.
In the mid-1990s, Nintendo released Satellaview, a satellite modem for Nintendo’s Super Famicom (SNES) only available in Japan. Just for kicks, Bertrand Fan hacked an SNES and Satellaview to run Slack. Bertrand has an intimate knowledge of Slack because he’s one of the engineers building that platform. From Bert: If you can beam satellite signals […]
Lanetix is your basic shitty tech company, where your two weeks of annual paid leave is subject to often-withheld managerial approval, where bosses threaten engineers with getting canned if they participate in private Slack channels where they discuss working conditions, and where high-performing software engineers who object to bad management are summarily fired.
It’s almost shocking to say…but there’s actually an incredible amount of manhood wrapped up in how well you cook a steak. Of course, no one would argue your grilling abilities are THAT important. Or that how well you sear a prime slab of beef should have any bearing on your social standing or feeling of […]
The notion of two people sleeping in the same bed always inspires romantic visions of love and intimacy. However, most quickly realize that the romance of sleeping together is often quickly replaced by the realities of the act. One partner snores. The other talks in their sleep. One grinds their teeth. The other hogs the […]
Add Internet of Things to the shortlist of those actually benefiting from the effects of the COVID-19 pandemic. You might not realize it, but the organizing principle that is bringing more automation to the world is actually proving to be a major asset as human beings are forced to stay home and away from the […]