Published on July 18th, 2019 📆 | 4648 Views ⚑
0Slack is resetting passwords 4 years after data breach
I just got a Slack message from my editor that the 2015 Slack password breach is back in the news. The real question is: Was that really my editor or just someone who breached his password in 2015 and is masquerading as him? There was a winky emoji, so it was most likely him.
Some four years after Slack suffered a data breach, the company has decided to reset the passwords of users it believes were affected. This issue only applies to people who created Slack accounts before March 2015 and then never changed their passwords and donât have to access Slack through their officeâs single-sign-on (SSO) provider. Basically, according to Slack, this doesnât impact âthe approximately 99% who joined Slack after March 2015.â We have stumbled on the one time it pays not to be in the 1%.
The breach happened back in 2015, when hackers gained access to the messaging appâs user profile database, including passwords. A bug bounty hunter reportedly contacted Slack recently about a list of allegedly compromised Slack account passwords, which are believed to stem from the 2015 hack. So to make sure that the 1% of Slack users who have had the same password since 2015 arenât compromised, Slack is changing their passwords for them.
The company said it has no reason to believe accounts were compromised, but in the words of my eighth-grade geometry teacher, they didnât show their work. This is a good reminder, though: Change your passwords frequently. Hereâs a list of what not to choose.
Gloss