Slack Technology, a firm that has developed workroom chat rooms, has been hacked leaking nearly 500,000 records containing personal information of the users. Slack has developed products that help the employees to manage projects and send work-related messages using internal communication platforms.
The malicious hackers that leaked the information contains phone numbers, email IDs, Skype IDs and other vital, necessary information linked to their Slack account.
Slack has confirmed that they have been stuck with the cyber crime. “We have been recently capable to confirm that there was unauthorized access to Slack database storing profile data,” said Slack Technologies in a blog post.
Slack further added that the attack was executed in the month of February within a time-frame of four days. Slack VP of policy and compliance strategy, Anne Toth said the sensitive information related to the credit cards and payment methods were intact on the server, and hackers had no chance of breaking and accessing that information. Hackers were also not able to decrypt the hashed passwords, however, users with weak password have been notified to reset the old password.
Slack security experts have already notified the law and enforcement agencies about the breach, and the company has also added a support for the two-factor authentication, which will strengthen the security of the accounts and will protect the servers from any future attacks.
Apart from that, Slack will also be offering a ‘Password Kill switch’ feature to the team leaders in the client company. The kill switch can help them reset the login information of team members and will then require the user to enter new login details.
The breach is apparently one of the largest hacks in the cyber crime history, and companies suffering from such attacks have to bear an enormous loss due to this. This isn’t the first time when hackers have managed to defy the security mechanism.