The turn of the year came with a headache for Slack. Salesforce instant messaging platform announced it was damaged last Saturday (31) a security incident in which hackers gain access to private code repositories It is hosted on GitHub.
The attackers used a “limited” number of tokens stolen from platform workers. Despite the warehouse breach, platform customer data not affectedAccording to Slack itself.
“We received a report of suspicious activity on our GitHub account on December 29, 2022. After review, We discovered that a limited number of Slack employee tokens were stolen and misused to gain access to our externally hosted GitHub repository,” Slack said in a statement.
Again in the note, the messaging platform said that the attacker had downloaded the repositories on December 27. Slack then invalidated the stolen tokens and changed the related secrets. The service even explores “potential impact” for customers.
“According to the available information, The unauthorized access was not caused by an inherent vulnerability in Slack.. “The security team will continue to investigate and monitor future risks.”
At the moment, Slack has around 18 million users worldwide. It is primarily used in workplaces and digital communities.
Source: Tec Mundo
