Speculations on the tactic
Cybersecurity consultants identified that in latest incidents, hackers have breached Slack accounts by exploiting stolen or leaked API keys.
“Builders typically combine Slack into their automation instruments, and within the course of, generally by accident leak these keys on code-sharing websites like GitHub or API platforms like Postman,” stated Rahul Sasi, CEO of CloudSEK. “For instance, within the Disney leak, hackers gained entry to public chat rooms. This occurred as a result of Slack API keys, by default, sometimes have entry to public Slack rooms.”
Others added that whereas it’s too early to remark definitively on the reason for such a large breach, frequent elements like weak passwords, phishing, and social engineering may not have compromised a number of Slack channels.
