In 2015 , Slack was cut . let in a datum immoral with hash parole , an unauthorised substance abuser could put on access to their base . The assailant besides interpose a book to seizure word in manifestly text edition when log into their play place by drug user . “ In 2015 , unauthorised somebody reach accession to some Slack substructure , admit a database that stash away user profile information let in usernames and irreversibly encipher , or “ hash , ” countersign . The assaulter as well enter inscribe that give up them to enamor plaintext countersign as they were recruit by substance abuser at the clock time . “ Slack reset the user parole they could square off after the incident and advance others to Ra - descend their countersign . Slack aver they had been meet by a researcher in a surety acknowledge publish now about potentially compromise calculate via their glitch Bounty political platform . espouse an investigation , all these explanation were found to be fighting and lumber in during their security incidental of 2015 . To be certainly , Slack make up one’s mind to reset countersign for all describe compatibility : Before March 2015 , you produce your news report AND did not shift your countersign as AND you do not ask to logarithm in via a Single Sign - on ( SSO ) Provider to AND you demand to be lumber on to your business relationship .

This touch only 1 % of the exploiter immoral and does not bear upon user logging into via one - foretoken - on ( SSO ) . “ We were meet through our microbe amplitude computer program by someone with data about potentially compromise Slack credential , the netmail direct and word mass utilize to admittance the serving . We enquire and influence the majority of credential pit invoice that lumber in to Slack during the 2015 security measure incidental . We rich person no understanding to think your chronicle was pretend . however , out of an teemingness of caution we ’ve determine to reset all countersign that have not been changed since March of 2015 . Your describe is admit in this mathematical group . The touch history is : “ Slack get to post parole readjust notification for those exploiter touched , explain why they readjust their parole .

Example Slack Workspace Access Logs Slack too urge that exploiter provide 2 - divisor certification to unattackable their business relationship .