Security News > 2023 > January > Slack's private GitHub code repositories stolen over holidays

Slack's private GitHub code repositories stolen over holidays
2023-01-05 08:50

Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories.

BleepingComputer has come across a security incident notice issued by Slack on December 31st, 2022.

The incident involves threat actors gaining access to Slack's externally hosted GitHub repositories via a "Limited" number of Slack employee tokens that were stolen.

While some of Slack's private code repositories were breached, Slack's primary codebase and customer data remain unaffected, according to the company.

Slack has since invalidated the stolen tokens and says it is investigating "Potential impact" to customers.

Ironically, the security update speaks of Slack taking your "Security, privacy, and transparency very seriously," and yet comes with some caveats.


News URL

https://www.bleepingcomputer.com/news/security/slacks-private-github-code-repositories-stolen-over-holidays/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Github 12 2 45 29 19 95