Chat room service Slack has revealed that the personal details of some users have been compromised after it was hacked earlier this year.
The business came clean about the cyber attack in a blog post yesterday (27 March) but only after it had cleaned up the security breach and made “additional changes” to “prevent future incidents”.
It said the phone numbers and Skype IDs of a “very small number of accounts” were affected by the hack though it has “no indication that the hackers were able to decrypt store passwords” or access financial information. The owners of those breached accounts have been notified and Slack is working with their security teams to plug the gaps.
Stack is still investigating the attack, which took place over four days in February. The announcement was made as “soon as we could confirm the details and as fast as we could type”, the blog read.
Since the compromised system was first discovered, we have been working 24 hours a day to methodically examine, rebuild and test each component of our system to ensure it is safe,” it continued.
“We are collaborating with outside experts to cross-check assumptions and ensure that we are meticulous in our approach. In addition we have notified law enforcement of this illegal intrusion.”
The chat room has added two new features to prevent similar hacks; a two step verification system has been introduced alongside a password kill switch for team owners to instantaneously reset passwords and terminate all sessions in emergencies.
The breach isn’t the first time Slack’s security measures have been called in to question. Last year, the service left companies like Apple, Google and Facebook exposed after a bug in its system made the names given to its chat rooms avaible to anyone.
Slack’s attack is the latest to target emerging technology players. Popuar dating app Tinder, video streaming service Twitch, Snapchat and Kickstarter have all come clean about securiy breaches over the last six month.