Slack says that through its bug bounty program, the company has newly received a set of compromised user credentials from the Great Slack Hack of 2015.
Remember that one? No? Well, it's why Slack has two-factor authentication now.
Credentials for about 65,000 Slack users were impacted, but Slack says they're now resetting the passwords for all users who were active in 2015. Four years later, yep.
Catalin Cimpanu writes for Zero Day that this means about 1 percent of Slack users are getting a mandatory password reset.
We immediately confirmed that a portion of the email addresses and password combinations were valid, reset those passwords, and explained our actions to the affected users," Slack said.
In a message on its website, Slack said this batch of credentials came via its bug bounty program. The company said it initially believed the data came from users who had their PCs infected with malware, or users who reused passwords across different services.
"However, as more information became available and our investigation continued, we determined that the majority of compromised credentials were from accounts that logged in to Slack during the 2015 security incident," Slack said.
While the batch of compromised credentials included 65,000 passwords, today, Slack decided to reset passwords for all users who were active at the time of the 2015 breach -- except users who already changed their password since then, or those who use single-sign-on (SSO) solutions.
In the mid-1990s, Nintendo released Satellaview, a satellite modem for Nintendo’s Super Famicom (SNES) only available in Japan. Just for kicks, Bertrand Fan hacked an SNES and Satellaview to run Slack. Bertrand has an intimate knowledge of Slack because he’s one of the engineers building that platform. From Bert: If you can beam satellite signals […]
Lanetix is your basic shitty tech company, where your two weeks of annual paid leave is subject to often-withheld managerial approval, where bosses threaten engineers with getting canned if they participate in private Slack channels where they discuss working conditions, and where high-performing software engineers who object to bad management are summarily fired.
So you missed Black Friday and Cyber Monday? Well, there’s one more holiday milestone coming up: Green Monday, on Dec. 16. It’s one of the busiest online shopping days for the simple reason that it will be 10 days before Christmas, which is when last-minute shoppers start to stress. Our advice? Don’t wait for that […]
Weighted blankets are officially a thing. And if you’ve ever tried one, you know there’s a reason for the fuss. Parents have known for generations that swaddling a baby has a profound calming effect, and the gentle pressure that blanket weights provide can have the same effect on restless sleepers. Pretty much all parts of […]
Walk through any office, and you will likely spot a few bobbleheads. These wobbly figurines are great fun to have around, although most celebrate people we will never meet. For something a little more personal, try Handmade Custom Bobbleheads. These mini caricatures are sculpted and painted by skilled artisans, based on any photo you provide. […]