Security Experts:

Connect with us

Hi, what are you looking for?



Slack Resetting More User Passwords in Response to 2015 Breach

Slack announced on Thursday that it’s resetting passwords for accounts that users have not secured after the data breach suffered by the company back in 2015.

Slack announced on Thursday that it’s resetting passwords for accounts that users have not secured after the data breach suffered by the company back in 2015.

In March 2015, Slack informed users that it had detected unauthorized access to a database storing account information. The compromised database stored usernames, email addresses, hashed passwords, phone numbers and Skype IDs. The attackers also injected malicious code designed to capture plaintext passwords as they were entered by users.

After it discovered the incident, Slack reset the passwords for a “small number” of users who had been confirmed to be affected, and encouraged others to change their passwords and enable two-factor authentication.Slack responds to 2015 hack

However, Slack learned recently through its bug bounty program about some potentially compromised credentials. The credentials appeared to be obtained as a result of theft via malware or a third-party hack, and Slack sent out notifications to impacted users to inform them that their password had been reset.

Following further analysis of the compromised data, Slack determined that a majority of the usernames and passwords were actually associated with accounts that logged in to the platform during the 2015 breach.

Slack is now resetting passwords for 1% of accounts, specifically ones that were created before March 2015, and for which passwords have not been changed since and they don’t use single-sign-on (SSO). Users whose passwords are being reset will be notified.

“Today we are resetting passwords for all accounts that were active at the time of the 2015 incident, with the exception of accounts that use SSO or with passwords changed after March 2015. We have no reason to believe that any of these accounts were compromised, but we believe that this precaution is worth any inconvenience the reset may cause,” Slack said.

Users and administrators who believe their Slack accounts may have been hacked can check the access logs made available by the vendor.

Slack says it has over 10 million daily active users across more than 150 countries. These users, representing over 600,000 organizations, send over 1 billion messages every week via the platform. The company claims to have 88,000 paid customers, including more than 65 of the Fortune 100 firms.

Related: Slack Flaw Allows Hackers to Steal, Manipulate Downloads

Related: Slack Lists Cybersecurity Risks Ahead of Going Public

Related: Slack Quickly Patches Account Hijacking Flaw

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.