Slack, the most famous communication app that is raising millions in venture funding has announced that its database servers have been hacked. The company’s statement confirmed that hackers were able to beach in the app’s servers. However, the statement didn’t confirm that the encrypted passwords were compromised or not.
“We were recently able to confirm that there was unauthorized access to a Slack database storing user profile information. We have since blocked this unauthorized access and made additional changes to our technical infrastructure to prevent future incidents,” said the Slack’s statement.
Slack has been hailed as the best communication app for iOS and Android which could be used by companies, co-working environments and anyone for productivity.
Unfortunately, several sources have confirmed that Slack security systems are not that state of the art. It still uses the central server where all the information about users like passwords, usernames, Skype, phone numbers, are saved. The passwords are encrypted with one way authentication. It is also being said that Slack server saves all the chats and no encryption is used for chats whatsoever. Slack is yet to shed light on the cause of this attack and what information was leaked.
Slack has added two-factor authentication after the attack, but the users will have to open their profile first, toggle the two factor authentication on and then use it with their phone number.