The popular group chatting application Slack has been hacked. Although the cyber-attack took place a few weeks ago, officials decided to make the incident public only on Friday, March 27, saying that this much time was needed to fully investigate the matter.
The company announced in a press release that hackers stole private data belonging to more than 500,000 users, including e-mail addresses, Skype IDs, telephone numbers and other information saved in the Slack data base.
Anne Toth, the vice-president of Slack, talked about how the cyber-attack took place. It seems that within four days in February, hackers breached into the Slack database which contained user information such as passwords or Skype account data.
Slack executives did point out that there is data that hackers couldn’t get ahold of, including payment card information and most of the messages sent via this application. Also, it is highly unlikely that hackers successfully cracked the passwords they obtained meaning the user accounts are safe. Despite this, the company recommended users to change passwords as a safety measure.
Slack executives explained why it took them about a month to make the cyber-attack public. They explained that it took that much for experts to identify the exact damage caused by the security breach. Told said:
“Since the compromised system was first discovered, we have been working 24 hours a day to methodically examine, rebuild and test each component of our system to ensure it is safe.”
This statement suggests executives postponed the announcement until it the application was once again secure.
Now Slack technicians came up with a better and apparently safer sign in method which consists of a “two-factor authentication system” that uses both Google Authenticator and Duo Mobile.
Users are not obliged to use the new sign in system but Slack representatives recommend it as it is supposedly more efficient in shielding one’s personal information.
Slack is considered one of the most popular workplace chatting applications. The company’s value skyrocketed in recent months and is approximated at about $2.8 billion.
This isn’t the first time Slack faces a breach in user data protection. In October 2014, Slack was accused of failing to protect chat space names, an error that could risk the exposure of the user’s other accounts such as Facebook and Google.
Image Source: TechCrunch