Slack is a very popular corporate messaging app with 20 million daily active users. They recently announced suffering from a data breach on their code repository on Github.
Ever since layoff has become a trend or a harsh reality, the world of cybercrime has become proactive as a company experiencing a layoff may have less resources to devote to cybersecurity, making it a more vulnerable target for cybercriminals.
More than 4,100 publicly disclosed data breaches occurred in 2022, equating to approximately 22 billion records being exposed. Around 65% of them were filed in quarters 3 & 4, just after major MNCs started big layoff rounds. Recently, tech-giant Meta was fined nearly $400 million because of targeted ads that were stealing users' data. In a tech company, a little loophole in the security system can be a threat to the whole company.
In the first week of 2023, hackers released 200 million email addresses and links to their Twitter handles. Those emails are supposed to be collected from the last 12 to 18 months, as mentioned in a news article by the Hindustan Times.
Lately, GitHub repositories have become a favorite target of hackers as it unlocks a ton of ways for hackers to damage companies. Slack’s private coding repository was stolen from GitHub, just like many other companies like Okta, Lastpass, CircleCI, and dropbox. The report was given by the company officials only.
All these incidents direct us to one thing that is we need to be much more aware than we were during the predicted recession.
When Did the Incident Take Place?
The event was on December 31, 2022, where a security issue involving unauthorized access to a subset of Slack’s code repositories was detected. Slack responded to this on the same day, but it is unknown if the attacker could access any sensitive or user data.
How Was Data Stolen?
The data was accessed by some outsiders by stealing some employee security tokens, which were stolen and accessed on 27 December and some private code repositories were also downloaded on 31st Dec.
Slack has not disclosed how the breach was discovered or how the tokens were stolen. However, their response to the media stated:
“Upon investigation, we discovered that a limited number of Slack employee tokens were stolen and misused to gain access to our externally hosted GitHub repository. Our investigation also revealed that the threat actor downloaded private code repositories on 27 December. No downloaded repositories contained customer data, means to access customer data or Slack's primary codebase.”
Impact on Users & How They Can Stay Protected
The company has invalidated the stolen tokens and stated that users don’t need to do anything.
Slack’s disclosure reads, “When notified of the incident, we immediately invalidated the stolen tokens and began investigating potential impact to our customers.”
They have also reassured people that the attacker did not access customer data and that Slack users don't need to do anything.
Still, it is always important for users to be mindful of the security of their data and be aware of the potential risks of using online platforms. Slack has implemented measures to protect users' data, including encryption and other security protocols to help prevent unauthorized access to users' data.
Additionally, they also recommended their users to ensure that they are running the latest version of the Slack app and use a strong, unique password for their account.
It's also good to monitor the official website or trusted news sources for any announcements regarding data privacy breaches or security incidents.
If you suspect any unusual activity on your Slack account, you should contact Slack support as soon as possible to report the issue.
Ensuring the safety of a company’s data is more important than growing a company because it can destroy the years of work of fingers to bones in just a few moments. Any company or organization should go through the following checklist while ensuring the safety of its sensitive data.
Cyber Security Checklist for Organization:✅ Conduct regular cybersecurity audits
✅ Know what to do in case of a breach
✅ Back up your data periodically
✅ Know who has access and why
✅ Encrypt professional communication, including email
✅ Hire Cyber security experts or agencies
Final ThoughtsAccording to the 2022 CyberSecurity report of Gartner, 88% of executive companies consider cyber security threats and data privacy breach a direct threat to business and not just an IT Problem. With growing cyber security threats, it is a must to have the shields ready before the sword strikes.
Appknox is helping organizations detect vulnerabilities before they convert into threats. If you're not sure where to start when it comes to improving your organization's cyber security posture, we can help.