Slack initiated Two-Factor Authentication conceding Security breach

Slack, a platform for team communication, has affirmed that the company suffered a crucial security breach of its user’s database, exposing sensitive information to malicious hackers.

Slack has reported to The Verge that databases comprising team message history were not accessed as part of the breach. No payment information was leaked; the main concern is user passwords, which were in encrypted form.

The San Francisco-based company has mentioned  in a blog post on Friday that its central user database was accessible to hackers during that window.The database provided little information such as personal data, including user names, email addresses, and one-way encrypted passwords, and other optional info, such as phone numbers and Skype IDs.

Anne Toth, vice president of policy and compliance strategy at Slack, has imparted that there is “no indication that the hackers were able to decrypt stored passwords, as Slack uses a one-way encryption technique called hashing.”

Slack has exploited outside experts and law enforcement officials abetting the investigation, which remains ongoing. According to Slack, it has notified affected individual users and team owners.

Slack has released some security tips as well as two-factor authentication and a password-kill switch for IT administrators to implement. It strongly encourages all users to enable this security feature.

The password-kill feature will enable an instant sign-out and password reset for every member of a given team. The feature is meant to allow leaders to clear out their system spontaneously if the breach is suspected.

Slack has become popular among businesses as an email replacement, reaching more than half a million daily users last month, but the growth has come with new concerns over security.

In October, the company faced criticism over a bug that permitted outsiders to access the list of names of different rooms available at a company. The bug was fixed immediately after being informed.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...