Slack says that through its bug bounty program, the company has newly received a set of compromised user credentials from the Great Slack Hack of 2015.
Remember that one? No? Well, it's why Slack has two-factor authentication now.
Credentials for about 65,000 Slack users were impacted, but Slack says they're now resetting the passwords for all users who were active in 2015. Four years later, yep.
Catalin Cimpanu writes for Zero Day that this means about 1 percent of Slack users are getting a mandatory password reset.
We immediately confirmed that a portion of the email addresses and password combinations were valid, reset those passwords, and explained our actions to the affected users," Slack said.
In a message on its website, Slack said this batch of credentials came via its bug bounty program. The company said it initially believed the data came from users who had their PCs infected with malware, or users who reused passwords across different services.
"However, as more information became available and our investigation continued, we determined that the majority of compromised credentials were from accounts that logged in to Slack during the 2015 security incident," Slack said.
While the batch of compromised credentials included 65,000 passwords, today, Slack decided to reset passwords for all users who were active at the time of the 2015 breach -- except users who already changed their password since then, or those who use single-sign-on (SSO) solutions.
In the mid-1990s, Nintendo released Satellaview, a satellite modem for Nintendo’s Super Famicom (SNES) only available in Japan. Just for kicks, Bertrand Fan hacked an SNES and Satellaview to run Slack. Bertrand has an intimate knowledge of Slack because he’s one of the engineers building that platform. From Bert: If you can beam satellite signals […]
Lanetix is your basic shitty tech company, where your two weeks of annual paid leave is subject to often-withheld managerial approval, where bosses threaten engineers with getting canned if they participate in private Slack channels where they discuss working conditions, and where high-performing software engineers who object to bad management are summarily fired.
If your office works at all, it uses Microsoft Office. Those icons for Word, PowerPoint, and Outlook are as familiar around some workplaces as the coffee machine. So familiar, in fact, that they get taken for granted – and rarely used to their full potential. Whether you need a crash course in the essential tools […]
It’s a great time to be a maker. 3D printers are on store shelves for anyone to buy, and coder kits like Arduino and Raspberry Pi are letting kids as young as 9 or 10 dive into the Internet of Things. Here are a few examples of our favorite tech toys, all priced low enough […]
Want to make a hit? The right software is out there for anyone, but any music producer will tell you that finding the right sound can still take time and talent. Still, the right tools are a great shortcut, which makes this Synth & Sound Pack Bundle absolutely priceless. And now that it’s on sale […]