Search This Blog

Saturday, 28 March 2015

Popular Chat room service Slack hacked, personal information of 500,000 users exposed

Slack Technologies Hacked: 500,000 Emails Exposed

Popular chat room service, Slack was hacked in month of February 2015 and may have left a massive 500,000 users personal information like email addresses, phone numbers, Skype IDs and anything they might have added to their profiles exposed for spam attacks and identity thefts.
Slack has been gain popularity over past few months and has been valued at a whopping $2.8 billion by its investors. The hack was noticed by the Slack security team who made a post on their website announcing the same.
“We were recently able to confirm that there was unauthorized access to a Slack database storing user profile information. We have since blocked this unauthorized access and made additional changes to our technical infrastructure to prevent future incidents. We have also released two-factor authentication and we strongly encourage all users to enable this security feature.”
Though the hack occurred in February, it took more than a month for Slack to announce the hack. It also announced that it had enabled 2 factor authentication after the hack attack.
“This further highlights the need for all organizations – both startups and established companies – to invest in post-infection software that can quickly identify security breaches and prevent valuable data theft,” said Paul Martini, CEO of iBoss, a cybersecurity provider.
“We are collaborating with outside experts to cross-check assumptions and ensure that we are meticulous in our approach,” stated the company. “In addition we have notified law enforcement of this illegal intrusion.”
The blogpost said there were no indications of the financial and payment card information being compromised by the hackers and the hack attack lasted for approximately 4 days before its security team uncovered the same. It also said that it had started notifying the 500,000 users whose information has been exposed.
Slack has been criticized for its security practices in the past. In October 2014 for a design flaw which left its chat room names visible and open to anyone. After a furore online, Slack denied that the design flaw was a bug.

No comments:

Post a Comment