Cyberattacks never end. After the serious attack that affected LastPass in 2022, it is now Slack’s turn to be the victim of an intrusion into its systems. The business chat platform has announced that hackers had gained access to the firm’s GitHub repositories.
Nothing to worry about, according to Slack
“Our customers were not affected, no action is required and the incident was quickly resolved“Slack said in order to reassure its users. It seems that the cybercriminals had access to certain directories containing pieces of source code, but that the user data as well as the main database were spared. “No repositories contained customer data, means to access customer data, or Slack’s core database“, repeats the company.
The intrusion was made possible by the malicious use of certain identification tokens belonging to company employees. Although production servers were not affected, Slack said it changed all credentials used on GitHub as a precaution. At first glance, the hack therefore seems rather minimal, even if the company explains “continue to investigate and monitor the situation” to prevent the situation from escalating due to an unforeseen vulnerability.
A platform coveted by hackers
This is not the first time that the platform has been targeted by cyberattacks. In 2015the passwords of some accounts had to be reset after an attack and in 2022a flaw identified by a cybersecurity specialist led the company to review its practices.
A favorite tool of many multinationals (and some state structures), Slack is therefore a prime target for hackers. We remember that Slack was used in particular in the major hack that Uber suffered in 2022.