BreachExchange mailing list archives
Slack Initiates Mass Password Reset
From: Destry Winant <destry () riskbasedsecurity com>
Date: Fri, 19 Jul 2019 08:31:12 -0500
https://threatpost.com/slack-password-reset/146545/

More victims of a 2015 credential-harvesting incident have come to light.

Popular workspace collaboration platform Slack is in the middle of asking tens of thousands of users to reset their passwords after a security breach.

The move is actually in response to new information that has come to light regarding a 2015 compromise, when hackers infiltrated Slack’s networks to gain access to databases containing user credentials including hashed passwords. They also planted password-scraping malware to capture login information in plaintext when users signed in.

While Slack implemented two-factor authentication and a password reset for those affected at the time, a new crop of people that were impacted by the event has come to light after a new batch of stolen credentials was reported via the company’s bug-bounty program.

“We immediately confirmed that a portion of the email addresses and password combinations were valid, reset those passwords, and explained our actions to the affected users,” Slack said in a message on its website.

However, the company thought the issue stemmed from the rampant practice of password reuse, until closer inspection showed the trove to be a previously unknown group of accounts that were compromised in the 2015 incident.

“These types of reports are fairly routine and usually the result of malware or password re-use between services,” according to a website notice. “However, as more information became available and our investigation continued, we determined that the majority of compromised credentials were from accounts that logged in to Slack during the 2015 security incident.”

Slack said that it has decided to reset passwords for all users who were active at the time of the 2015 breach; those who have changed their password since then and those who log in via single-sign-on (SSO) platforms are excepted. In total, about 100,000 users are affected.