Information Security - Slack Initiates Mass Password Reset
The popular workspace collaboration platform Slack is in the middle of asking tens of thousands of users to reset their passwords after a security breach.
The move is actually in response to new information that has come to light regarding a 2015 compromise, when hackers infiltrated Slack’s networks to gain access to databases containing user credentials including hashed passwords. They also planted password-scraping malware to capture login information in plaintext when users signed in.
While Slack implemented two-factor authentication and a password reset for those affected at the time, a new crop of people who were impacted by the event has come to light after a new batch of stolen credentials was reported via the company’s bug-bounty program.
At first, the company thought the issue stemmed from the rampant practice of password reuse, until closer inspection showed the trove to be a previously unknown group of accounts that were compromised in the 2015 incident.
“These types of reports are fairly routine and usually the result of malware or password re-use between services,” according to a website notice. “However, as more information became available and our investigation continued, we determined that the majority of compromised credentials were from accounts that logged in to Slack during the 2015 security incident.”
Slack said that it has decided to reset passwords for all users who were active at the time of the 2015 breach; those who have changed their password since then and those who log in via single-sign-on (SSO) platforms are excepted. In total, about 100,000 users are affected.