Slack—Slack suffered data breach exposing user profile data for approximately 500,000 accounts

Feb 1, 2015

In February 2015, unauthorized individuals gained access to Slack infrastructure including a database storing user profile information: usernames, email addresses, hashed passwords, phone numbers, and Skype IDs. Approximately 500,000 users were affected. In response, Slack added two-factor authentication. In 2019, Slack reset passwords for ~1% of users still using pre-2015 credentials.

Scoring Impact

Topic	Direction	Relevance	Contribution
Data Security	-against	primary	-1.00
Overall incident score =			-0.443

Score = avg(topic contributions) × significance (high ×1.5) × confidence (0.59)× agency (negligent ×0.5)

Evidence (1 signal)

Confirms Policy Change Mar 27, 2015 verified

Slack disclosed 2015 data breach affecting user profile data and added two-factor authentication

Slack disclosed that unauthorized individuals accessed infrastructure in February 2015, compromising a database with usernames, email addresses, hashed passwords, phone numbers, and Skype IDs for approximately 500,000 users. Slack added two-factor authentication in response.

Slack

Related: Same Topics

Flutterwave · Lost ₦11 billion ($7M+) in security breach as perpetrators illegally transferred funds

Apr 1, 2024

Computacenter · Allegedly fired manager who reported Deutsche Bank security breach

Jul 1, 2023

LY Corporation · Suffered major data breach affecting 520,000 users due to shared infrastructure with Korean parent

Oct 9, 2023

ByteDance · China-based ByteDance employees repeatedly accessed nonpublic data of US TikTok users

Jun 17, 2022

Coinbase · Insider data breach exposed 69,461 customers' sensitive data, costing $355+ million

Dec 26, 2024