Threat actors stole Slack private source code repositories

Enterprise collaboration platform Slack disclosed a data breach, hackers stole some of its private source code repositories.

The enterprise collaboration platform Slack has announced to have suffered a security breach, threat actors have stolen some of its private source code repositories. The company pointed out that its customers were not affected.

“We recently became aware of a security issue involving unauthorized access to a subset of Slack’s code repositories.” reads the security update published by Slack. “On December 29, 2022, we were notified of suspicious activity on our GitHub account. Upon investigation, we discovered that a limited number of Slack employee tokens were stolen and misused to gain access to our externally hosted GitHub repository. Our investigation also revealed that the threat actor downloaded private code repositories on December 27.”

Slack learned of the suspicious activity on December 29 and launched an investigation into the incident. The investigation revealed that attackers have stolen a limited number of employee tokens and used them to gain access to our externally hosted GitHub repository. The company downloaded private code repositories on December 27.

Slack pointed out that the accessed repositories did not contain primary codebase.

In response to the incident, the company immediately invalidated the stolen tokens and began investigating the potential impact on its customers.

“Our current findings show that the threat actor did not access other areas of Slack’s environment, including the production environment, and they did not access other Slack resources or customer data. There was no impact to our code or services, and we have also rotated all relevant credentials as a precaution,” continues the update.

Slack added that threat actors did not exploit any vulnerability in its systems to achieve unauthorized access. The investigation is still ongoing.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Slack)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.