{"id":54113,"date":"2023-01-05T18:37:49","date_gmt":"2023-01-05T17:37:49","guid":{"rendered":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/"},"modified":"2023-01-05T18:37:49","modified_gmt":"2023-01-05T17:37:49","slug":"some-of-slacks-private-github-code-was-stolen-following-a-data-breach","status":"publish","type":"post","link":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/","title":{"rendered":"Some of Slack&#8217;s private GitHub code was stolen following a data breach","gt_translate_keys":[{"key":"rendered","format":"text"}]},"content":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg\" \/><\/p>\n<div id=\"article-body\">\n<p>Slack has confirmed that it recently suffered a data breach, but reassured customers that their data was not affected by the incident.<\/p>\n<p>In an <a target=\"_blank\" href=\"https:\/\/slack.com\/intl\/en-gb\/blog\/news\/slack-security-update\" data-url=\"https:\/\/slack.com\/intl\/en-gb\/blog\/news\/slack-security-update\" rel=\"noopener\">announcement<\/a><span class=\"sr-only\"> (opens in new tab)<\/span> published by the online collaboration giant on December 31, 2022, Slack explained how an unknown threat actors obtained Slack employee tokens and used them to access private GitHub repositories.\u00a0<\/p>\n<aside class=\"hawk-nest\" data-render-type=\"fte\" data-skip=\"dealsy\" data-widget-type=\"seasonal\"\/>\n<p>These repositories did not hold Slack\u2019s primary codebase, or customer data, it said.<\/p>\n<h2 id=\"rotating-secrets-and-invalidating-tokens\">Rotating secrets and invalidating tokens<\/h2>\n<p>&#8220;On December 29, 2022, we were notified of suspicious activity on our GitHub account,&#8221; Slack's notice read. &#8220;Upon investigation, we discovered that a limited number of Slack employee tokens were stolen and misused to gain access to our externally hosted GitHub repository. Our investigation also revealed that the threat actor downloaded private code repositories on December 27. No downloaded repositories contained customer data, means to access customer data, or Slack\u2019s primary codebase.&#8221;<\/p>\n<p>To combat the threat, Slack invalidated the stolen tokens and said to be looking further into the \u201cpotential impact\u201d of the data breach.<\/p>\n<p>Even though there\u2019s no evidence the attackers made away with sensitive information, Slack still decided to rotate its secrets.<\/p>\n<p>Slack is one of the world\u2019s most popular communication and collaboration platforms, allegedly serving more than 20 million users worldwide, including countless business users. As such, being targeted by cybercriminals is no surprise. By targeting communications platforms, hackers can obtain valuable information, such as passwords<span class=\"sr-only\"> (opens in new tab)<\/span>, or access to cloud servers and files being shared.<\/p>\n<p>In mid-2020, the company suffered a data breach forcing it to reset the passwords for thousands of users. At the time, it was believed that roughly 1% of all Slack users (which was equivalent to more than 65,000 people then) were affected by the incident.<\/p>\n<p>Slack was also hit by a cyberattack back in 2015 when hackers broke into its user profile database and accessed scrambled user passwords.<\/p>\n<p>Via: <a target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/slacks-private-github-code-repositories-stolen-over-holidays\/\" data-url=\"https:\/\/www.bleepingcomputer.com\/news\/security\/slacks-private-github-code-repositories-stolen-over-holidays\/\" rel=\"noopener\">BleepingComputer<\/a><span class=\"sr-only\"> (opens in new tab)<\/span><\/p>\n<\/div>\n<p><a href=\"https:\/\/www.techradar.com\/news\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\">Source<\/a><\/p>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"excerpt":{"rendered":"<p>Slack has confirmed that it recently suffered a data breach, but reassured customers that their data was not affected by the incident. In an announcement (opens in new tab) published by the online collaboration giant on December 31, 2022, Slack explained how an unknown threat actors obtained Slack employee tokens and used them to access [&hellip;]<\/p>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"author":10,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[276],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v17.5 (Yoast SEO v17.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Some of Slack&#039;s private GitHub code was stolen following a data breach &bull; smartMILE<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Some of Slack&#039;s private GitHub code was stolen following a data breach\" \/>\n<meta property=\"og:description\" content=\"Slack has confirmed that it recently suffered a data breach, but reassured customers that their data was not affected by the incident. In an announcement (opens in new tab) published by the online collaboration giant on December 31, 2022, Slack explained how an unknown threat actors obtained Slack employee tokens and used them to access [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/\" \/>\n<meta property=\"og:site_name\" content=\"smartMILE\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Smartmile-102682521688201\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-05T17:37:49+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg\" \/>\n<meta name=\"twitter:creator\" content=\"@smartmile\" \/>\n<meta name=\"twitter:site\" content=\"@smartmile\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/smartmileco.com\/#organization\",\"name\":\"smartMILE & Co.\",\"url\":\"https:\/\/smartmileco.com\/\",\"sameAs\":[\"https:\/\/www.facebook.com\/Smartmile-102682521688201\",\"https:\/\/www.instagram.com\/smartmileco\/\",\"https:\/\/www.linkedin.com\/company\/smartmile-en\",\"https:\/\/www.youtube.com\/channel\/UCNDXRNG-EFmNHKgqW8lRfhg\",\"https:\/\/www.pinterest.ch\/smartMILE_Co\",\"https:\/\/twitter.com\/smartmile\"],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/smartmileco.com\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/woocommerce-331985-2347979.cloudwaysapps.com\/file\/2021\/12\/fond-blanc-rectangle.png\",\"contentUrl\":\"https:\/\/woocommerce-331985-2347979.cloudwaysapps.com\/file\/2021\/12\/fond-blanc-rectangle.png\",\"width\":2530,\"height\":454,\"caption\":\"smartMILE & Co.\"},\"image\":{\"@id\":\"https:\/\/smartmileco.com\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/smartmileco.com\/#website\",\"url\":\"https:\/\/smartmileco.com\/\",\"name\":\"smartMILE\",\"description\":\"Industries expert-approved software, services and resources\\u200b\",\"publisher\":{\"@id\":\"https:\/\/smartmileco.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/smartmileco.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg\",\"contentUrl\":\"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#webpage\",\"url\":\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/\",\"name\":\"Some of Slack's private GitHub code was stolen following a data breach &bull; smartMILE\",\"isPartOf\":{\"@id\":\"https:\/\/smartmileco.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#primaryimage\"},\"datePublished\":\"2023-01-05T17:37:49+00:00\",\"dateModified\":\"2023-01-05T17:37:49+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/smartmileco.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Some of Slack&#8217;s private GitHub code was stolen following a data breach\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#webpage\"},\"author\":{\"@id\":\"https:\/\/smartmileco.com\/#\/schema\/person\/6ee82d17aba00b280e7f6a9b2a680427\"},\"headline\":\"Some of Slack&#8217;s private GitHub code was stolen following a data breach\",\"datePublished\":\"2023-01-05T17:37:49+00:00\",\"dateModified\":\"2023-01-05T17:37:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#webpage\"},\"wordCount\":330,\"publisher\":{\"@id\":\"https:\/\/smartmileco.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg\",\"articleSection\":[\"TechRadar\"],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/smartmileco.com\/#\/schema\/person\/6ee82d17aba00b280e7f6a9b2a680427\",\"name\":\"TechRadar\",\"url\":\"https:\/\/smartmileco.com\/author\/techradar\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Some of Slack's private GitHub code was stolen following a data breach &bull; smartMILE","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/","og_locale":"en_US","og_type":"article","og_title":"Some of Slack's private GitHub code was stolen following a data breach","og_description":"Slack has confirmed that it recently suffered a data breach, but reassured customers that their data was not affected by the incident. In an announcement (opens in new tab) published by the online collaboration giant on December 31, 2022, Slack explained how an unknown threat actors obtained Slack employee tokens and used them to access [&hellip;]","og_url":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/","og_site_name":"smartMILE","article_publisher":"https:\/\/www.facebook.com\/Smartmile-102682521688201","article_published_time":"2023-01-05T17:37:49+00:00","og_image":[{"url":"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg"}],"twitter_card":"summary_large_image","twitter_image":"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg","twitter_creator":"@smartmile","twitter_site":"@smartmile","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/smartmileco.com\/#organization","name":"smartMILE & Co.","url":"https:\/\/smartmileco.com\/","sameAs":["https:\/\/www.facebook.com\/Smartmile-102682521688201","https:\/\/www.instagram.com\/smartmileco\/","https:\/\/www.linkedin.com\/company\/smartmile-en","https:\/\/www.youtube.com\/channel\/UCNDXRNG-EFmNHKgqW8lRfhg","https:\/\/www.pinterest.ch\/smartMILE_Co","https:\/\/twitter.com\/smartmile"],"logo":{"@type":"ImageObject","@id":"https:\/\/smartmileco.com\/#logo","inLanguage":"en-US","url":"https:\/\/woocommerce-331985-2347979.cloudwaysapps.com\/file\/2021\/12\/fond-blanc-rectangle.png","contentUrl":"https:\/\/woocommerce-331985-2347979.cloudwaysapps.com\/file\/2021\/12\/fond-blanc-rectangle.png","width":2530,"height":454,"caption":"smartMILE & Co."},"image":{"@id":"https:\/\/smartmileco.com\/#logo"}},{"@type":"WebSite","@id":"https:\/\/smartmileco.com\/#website","url":"https:\/\/smartmileco.com\/","name":"smartMILE","description":"Industries expert-approved software, services and resources\u200b","publisher":{"@id":"https:\/\/smartmileco.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/smartmileco.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#primaryimage","inLanguage":"en-US","url":"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg","contentUrl":"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg"},{"@type":"WebPage","@id":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#webpage","url":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/","name":"Some of Slack's private GitHub code was stolen following a data breach &bull; smartMILE","isPartOf":{"@id":"https:\/\/smartmileco.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#primaryimage"},"datePublished":"2023-01-05T17:37:49+00:00","dateModified":"2023-01-05T17:37:49+00:00","breadcrumb":{"@id":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/smartmileco.com\/"},{"@type":"ListItem","position":2,"name":"Some of Slack&#8217;s private GitHub code was stolen following a data breach"}]},{"@type":"Article","@id":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#article","isPartOf":{"@id":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#webpage"},"author":{"@id":"https:\/\/smartmileco.com\/#\/schema\/person\/6ee82d17aba00b280e7f6a9b2a680427"},"headline":"Some of Slack&#8217;s private GitHub code was stolen following a data breach","datePublished":"2023-01-05T17:37:49+00:00","dateModified":"2023-01-05T17:37:49+00:00","mainEntityOfPage":{"@id":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#webpage"},"wordCount":330,"publisher":{"@id":"https:\/\/smartmileco.com\/#organization"},"image":{"@id":"https:\/\/smartmileco.com\/some-of-slacks-private-github-code-was-stolen-following-a-data-breach\/#primaryimage"},"thumbnailUrl":"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg","articleSection":["TechRadar"],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/smartmileco.com\/#\/schema\/person\/6ee82d17aba00b280e7f6a9b2a680427","name":"TechRadar","url":"https:\/\/smartmileco.com\/author\/techradar\/"}]}},"fifu_image_url":"http:\/\/cdn.mos.cms.futurecdn.net\/MwYwAjgHMvM42gcyisExaH.jpg","gt_translate_keys":[{"key":"link","format":"url"}],"_links":{"self":[{"href":"https:\/\/smartmileco.com\/wp-json\/wp\/v2\/posts\/54113"}],"collection":[{"href":"https:\/\/smartmileco.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smartmileco.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smartmileco.com\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/smartmileco.com\/wp-json\/wp\/v2\/comments?post=54113"}],"version-history":[{"count":0,"href":"https:\/\/smartmileco.com\/wp-json\/wp\/v2\/posts\/54113\/revisions"}],"wp:attachment":[{"href":"https:\/\/smartmileco.com\/wp-json\/wp\/v2\/media?parent=54113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smartmileco.com\/wp-json\/wp\/v2\/categories?post=54113"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smartmileco.com\/wp-json\/wp\/v2\/tags?post=54113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}