Slack's Private GitHub Code Repositories Stolen Over Holidays (bleepingcomputer.com) 11
An anonymous reader quotes a report from Bleeping Computer: Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at workplaces and digital communities around the world. BleepingComputer has come across a security incident notice issued by Slack on December 31st, 2022. The incident involves threat actors gaining access to Slack's externally hosted GitHub repositories via a "limited" number of Slack employee tokens that were stolen. While some of Slack's private code repositories were breached, Slack's primary codebase and customer data remain unaffected, according to the company.
The wording from the notice [1, 2] published on New Year's Eve is as follows: "On December 29, 2022, we were notified of suspicious activity on our GitHub account. Upon investigation, we discovered that a limited number of Slack employee tokens were stolen and misused to gain access to our externally hosted GitHub repository. Our investigation also revealed that the threat actor downloaded private code repositories on December 27. No downloaded repositories contained customer data, means to access customer data, or Slack's primary codebase."
Slack has since invalidated the stolen tokens and says it is investigating "potential impact" to customers. At this time, there is no indication that sensitive areas of Slack's environment, including production, were accessed. Out of caution, however, the company has rotated the relevant secrets. "Based on currently available information, the unauthorized access did not result from a vulnerability inherent to Slack. We will continue to investigate and monitor for further exposure," states Slack's security team. The good news, as far as this update goes, is that customers need take no action for now.
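The notice describes the classic shape of this incident: a stolen token is used to clone a batch of private repositories in a short window, and it is only noticed two days later. The check a repository admin would want is a pass over the GitHub audit log that flags any single token pulling many distinct repos in a few minutes, or pulling from outside the organisation's usual egress addresses. The script below is an added example, not Slack's or GitHub's code; the log lines are constructed for the example and use a simplified one-JSON-object-per-line layout (the field names, the `git.clone`/`repo.download_zip` action names as used here, and the `203.0.113.` office prefix are all assumptions, and a real audit-log export carries more fields).

```python
"""Flag bulk private-repo downloads by a single token in a GitHub-style audit log.

Added example, not Slack's or GitHub's own code. Assumes a simplified,
constructed log format: one JSON object per line with the fields used below.
"""
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: token tok-b quietly clones several private repos within
# minutes late on Dec 27 (the pattern in the notice); tok-a and tok-c are
# ordinary developer activity from the assumed office range.
SAMPLE_LOG = """\
{"action":"git.clone","actor":"dev1","token_id":"tok-a","repo":"acme/app","ip":"203.0.113.10","created_at":"2022-12-27T09:00:00Z"}
{"action":"git.fetch","actor":"dev1","token_id":"tok-a","repo":"acme/app","ip":"203.0.113.10","created_at":"2022-12-27T09:05:00Z"}
{"action":"git.clone","actor":"dev3","token_id":"tok-c","repo":"acme/docs","ip":"203.0.113.11","created_at":"2022-12-27T10:00:00Z"}
{"action":"git.clone","actor":"dev2","token_id":"tok-b","repo":"acme/infra","ip":"198.51.100.7","created_at":"2022-12-27T22:01:00Z"}
{"action":"git.clone","actor":"dev2","token_id":"tok-b","repo":"acme/billing","ip":"198.51.100.7","created_at":"2022-12-27T22:02:30Z"}
{"action":"git.clone","actor":"dev2","token_id":"tok-b","repo":"acme/mobile","ip":"198.51.100.7","created_at":"2022-12-27T22:03:10Z"}
{"action":"git.clone","actor":"dev2","token_id":"tok-b","repo":"acme/tooling","ip":"198.51.100.7","created_at":"2022-12-27T22:04:45Z"}
{"action":"git.clone","actor":"dev2","token_id":"tok-b","repo":"acme/infra","ip":"198.51.100.7","created_at":"2022-12-27T22:05:00Z"}
"""

# Actions that hand a full copy of a repository to the caller (assumed names).
DOWNLOAD_ACTIONS = {"git.clone", "repo.download_zip"}
# Assumed corporate egress prefix; anything else is "off-site" for this example.
OFFICE_PREFIXES = ("203.0.113.",)


def parse_log(text):
    """Parse JSON lines into dicts with a timezone-aware `ts`, sorted by time."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        e = json.loads(line)
        e["ts"] = datetime.fromisoformat(e["created_at"].replace("Z", "+00:00"))
        events.append(e)
    events.sort(key=lambda e: e["ts"])
    return events


def find_bulk_downloads(events, window=timedelta(minutes=10), threshold=3):
    """Return {token_id: sorted distinct repos} for every token that fetched at
    least `threshold` distinct repos inside some interval of length `window`.
    A sliding deque per token keeps only events still inside the window."""
    recent = defaultdict(deque)  # token_id -> deque of (ts, repo)
    flagged = {}
    for e in events:
        if e["action"] not in DOWNLOAD_ACTIONS:
            continue
        q = recent[e["token_id"]]
        q.append((e["ts"], e["repo"]))
        while q and e["ts"] - q[0][0] > window:
            q.popleft()
        repos = {repo for _, repo in q}
        if len(repos) >= threshold:
            flagged.setdefault(e["token_id"], set()).update(repos)
    return {t: sorted(r) for t, r in flagged.items()}


def find_offsite_downloads(events, allowed_prefixes=OFFICE_PREFIXES):
    """Tokens that downloaded code from an IP outside the allow-listed prefixes."""
    return sorted({e["token_id"] for e in events
                   if e["action"] in DOWNLOAD_ACTIONS
                   and not e["ip"].startswith(allowed_prefixes)})


if __name__ == "__main__":
    ev = parse_log(SAMPLE_LOG)
    print("bulk downloads by token:", find_bulk_downloads(ev))
    print("downloads from outside office ranges:", find_offsite_downloads(ev))
```

Either finding on its own is enough to revoke the token and start an investigation; the bulk-clone rule catches the December 27 style download regardless of source address, while the prefix rule is the cheaper check for organisations that already pin Git access to known egress IPs. Tune the window and threshold against a few weeks of your own audit log before alerting on them, since CI runners legitimately clone many repos quickly and need their own tokens carved out of the rule.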
Obligatory. (Score:5, Funny)
I guess their security was too... Slack.
YEAAAAAAAH!
Re: (Score:2)
Maybe somebody at Tableau was upset about the pending layoffs.
Of course, there is another way to get the code (Score:2)
If it is in github, all you really need to do is fire up copilot and then type: // This project contains a major competitor to Slack
and then *boom* here comes all that secret code!
Why (Score:2)
Re: (Score:2)
Our company just migrated to Bitbucket Cloud and we have it locked to only one IP address, which is that of our internal network's public-facing
phrasing nitpick (Score:2)
The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at workplaces and digital communities around the world
It's a nitpick, but 18 million users worldwide doesn't qualify as immensely popular. Maybe not even any shade of popular.