Threat actors stole Slack private source code repositories

Pierluigi Paganini January 05, 2023

Enterprise collaboration platform Slack disclosed a data breach, hackers stole some of its private source code repositories.

The enterprise collaboration platform Slack has announced to have suffered a security breach, threat actors have stolen some of its private source code repositories. The company pointed out that its customers were not affected.

“We recently became aware of a security issue involving unauthorized access to a subset of Slack’s code repositories.” reads the security update published by Slack. “On December 29, 2022, we were notified of suspicious activity on our GitHub account. Upon investigation, we discovered that a limited number of Slack employee tokens were stolen and misused to gain access to our externally hosted GitHub repository. Our investigation also revealed that the threat actor downloaded private code repositories on December 27.”

Slack Enterprise Key Management

Slack learned of the suspicious activity on December 29 and launched an investigation into the incident. The investigation revealed that attackers have stolen a limited number of employee tokens and used them to gain access to our externally hosted GitHub repository. The company downloaded private code repositories on December 27.

Slack pointed out that the accessed repositories did not contain primary codebase.

In response to the incident, the company immediately invalidated the stolen tokens and began investigating the potential impact on its customers.

“Our current findings show that the threat actor did not access other areas of Slack’s environment, including the production environment, and they did not access other Slack resources or customer data. There was no impact to our code or services, and we have also rotated all relevant credentials as a precaution,” continues the update.

Slack added that threat actors did not exploit any vulnerability in its systems to achieve unauthorized access. The investigation is still ongoing.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Slack)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment