Slack password reset coming to thousands of users

Slack
(Image credit: Slack) (Image credit: Slack)

Slack is set to reset password for thousands of users as it looks to respond to a data breach.

The popular messaging app has confirmed it will reset the passwords of users it believes could be affected by a historical data breach.

Around one percent of all Slack users are thought to be affected by the attack - equivalent to over 65,000 customers.

Breached

Slack was hit by a cyberattack back in 2015 when hackers to its user profile database. This included access to the scrambled passwords of users, however the hackers inserted code that scraped the user’s plaintext password as it was initally entered.

Slack said it did not believe accounts were compromised in the attack, but did not provide any further details as to why this would be - although it said that accounts that require single sign-on through a company’s network are not affected.

The company said it had become aware of the attack after being recently contacted through its bug bounty programabout a list of allegedly compromised Slack account passwords.

Slack was recently valued at over $20bn after going public back in June, and counts over 10 million active daily users worldwide, including the likes of the BBC, Lyft and 21st Century Fox.

It recently revealed a number of security upgrades to its platform, including the launch of Enterprise Key Management to give an added layer of protection. The new service will allow businesses admins full control over the encryption keys used to encrypt the files and messages within their Slack workspace.

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.