Connect with us

Cybersecurity

Slack leaked hashed passwords for years

Published

on

slack leaked hashed passwords for years.webp.webp

The messaging provider Slack has asked numerous users to reset their passwords. But that’s just a precaution, Slack said.

Instant messaging provider Slack has asked 0.5 percent of its users to reset their passwords. An independent security researcher had previously found a bug in the collaboration tool and informed the company about it.

The error occurred whenever a user sent or revoked an invitation link for their workspace: Slack then sent a hashed version of the user’s password to other workspace members. However, this hashed password was not visible to the Slack clients. To detect it, the encrypted network traffic coming from the Slack servers should have been actively monitored.

Slack was notified of the bug on July 17, 2022. It affected all users who acted with invitation links between April 17, 2017 and this time. After being notified by the security researcher, the underlying error was immediately corrected and the possible effects examined. The company sees no reason to believe that plain text passwords could have been leaked to unauthorized persons. The reset is purely a precautionary measure, according to a statement from Slack. The company recently announced that it would raise the price of the company chat Pro license.

Copyright © 2017 Zox News Theme. Theme by MVP Themes, powered by WordPress.