Hackers Compromise Slack's GitHub Repository

Category: Data Breach | Industry: Technology | Level: Strategic | Source: Slack

A security incident was revealed by the instant messaging program Slack, affecting the company's GitHub account. Slack's security team was notified of the breach on December 29th, 2022, with their investigation revealing "a limited number of Slack employee tokens were stolen and misused to gain access to our externally hosted GitHub repository. Our investigation also revealed the threat actor downloaded private code repositories on December 27. No downloaded repositories contained customer data, means to access customer data, or Slack’s primary codebase." Slack affirms the threat actors did not access other Slack environments including its production environment nor did they "access other Slack resources or customer data." However, security tokens were identified to have been compromised in the attack and Slack is currently assessing "potential impact" to customers. As an added precaution, Slack has rotated any relevant credentials from the attack. From Slack's current investigation "the unauthorized access did not result from a vulnerability inherent to Slack." Slack insists there is no customer impact and no action is needed at this time, however, their investigation is not yet complete and new details could follow.

‍