Slack is getting ready to reset passwords for almost 65,000 consumers whose credentials were lately negotiated, media reported.
The firm is taking this action after getting a list of negotiated user passwords from an unnamed source.
“This might be the outcome of malware downloaded on a PC you have employed to log in to Slack or your credentials being used again from an earlier hack of a third party, such as those cited on websites such as haveibeenpwned.com,” claims a draft of the text the firm aims to send affected users.
The emails for password reset will be sent out later this week. They will go out to both normal Slack consumers, but also to admins for Slack room.
Slack management conducted a meeting earlier and made a decision on custom alerts for its more essential enterprise users, media claimed.
As per data made public at the time of its IPO in April, Slack claimed it had 575 users on yearly deals worth over $100,000. Some of these users seem to have been affected as well.
It is not clear if any of the credentials Slack got had been employed to attain unauthorized access to user accounts.
Slack has normally reset user passwords earlier, but always in tiny bunches, as the firm noticed unauthorized access to consumer accounts. This is the biggest password reset the firm has conducted till now.
On a related note, a mysterious attacker has pinched the personal info of millions of people in Bulgaria and has sent download links to the stolen info to local news agencies.
The origin of the data is thought to be the nation’s NRA (National Revenue Agency), a division of the Ministry of Finance of the country.
In a message published on its website, the NRA claimed that it was operating with the SANS (State Agency for National Security) and the Ministry of the Interior to probe the hack.