Slack Security Incident

Nir Koren Jan 09, 2023 10 min read

Slack, the popular workspace platform, disclosed a major security incident that took place over the recent Xmas and New Year holidays

In a blog post revealed by Slack’s Security Team on December 31, 2022, Slack released information about “a security issue involving unauthorized access to a subset of Slack’s code repositories.”

So, how did it all go down?

It all started on December 29, 2022, when the company noticed suspicious activity on its GitHub account. It appeared that a small number of Slack employee tokens had been stolen and used to access the company’s GitHub external repository. The perpetrator allegedly downloaded private code repositories on December 27.

Slack announced that “customers were not affected, no action is required, and the incident was quickly resolved.” No downloaded repositories contained customer data, meaning perpetrators could not access user information or Slack’s primary codebase.

As far as Slack knows today, no other areas of Slack’s environment were accessed.

Worryingly, it’s not the first time this has happened…

In just July of 2022, an independent security researcher discovered a vulnerability when the platform transmitted a hashed version of the user password to other workspace members. At the time, roughly 0.5% of Slack users had to change their passwords due to the issue.

Not cool.

What is Slack?

In a nutshell, Slack is an instant messaging program for organizational communication. It’s one of the most popular workspace platforms today, with over 10 million daily active users.

What can we learn from this data breach?

First and foremost, the attack was particularly alarming because Slack is used by various businesses as an internal collaboration platform that stores sensitive company data such as customer information and financial records. As such, there was a potential risk that these details would be compromised due to the breach — not only impacting customers but also damaging Slack’s own reputation with regards to security protocols and trustworthiness.

This wave of highly sophisticated cyberattacks serves as a reminder that no system is ever completely secure — even those made with great effort put into safety protocols can still be vulnerable at times due unforeseen circumstances beyond our control (such as human error). Therefore it is important now more than ever for companies (both large and small) to invest time and resources into proper cybersecurity measures on an ongoing basis so that they can stay ahead of any attackers looking for weaknesses or vulnerabilities in order gain access valuable data sources belonging unsuspecting victims; investing too little money into your digital infrastructure today could prove costly tomorrow if you’re caught unprepared for unexpected scenarios like these ones taking place right now around us every day unfortunately.

How can companies and individuals protect themselves?

There are many ways to protect your company or yourself from a data breach. Here’s a list of the top ten ways to do so:

  1. Use strong passwords and enable two-factor authentication whenever possible.
  2. Install security patches and software updates on all devices regularly.
  3. Educate employees about cyber security best practices.
  4. Monitor for suspicious activity across your network and respond quickly when necessary.
  5. Set user access permissions according to need, not role or title within an organization.
  6. Back up data regularly in multiple secure locations both onsite and offsite.
  7. Utilize encryption technology when storing sensitive information online or transferring it between systems.
  8. VPN: Consider implementing a virtual private network (VPN).
  9. Secure any public Wi-Fi networks you use with WPA2 encryption protocols.
  10. Implement comprehensive incident response plans in case of a breach.


In summary, it’s clear that while data breaches are inevitable due to human error, companies like Slack are taking great strides towards increasing cyber security standards and providing peace-of-mind for their customers when using services such as theirs. By following best practices as listed above related to cyber security procedures – both at an individual level or organizationally – although not bulletproof, it is possible to reduce our risk significantly should another major incident occur.