Slack, one of the new business communication tools in town, has become the target for hackers. In a blog post last night, the company revealed that it had discovered an intrusion in its central user database, and is also beefing up its security.
Slack’s blog post reads,
We were recently able to confirm that there was unauthorized access to a Slack database storing user profile information. We have since blocked this unauthorized access and made additional changes to our technical infrastructure to prevent future incidents.
According to the company, the attacks took place for four days in February and the hackers could have accessed user names, email addresses and encrypted passwords. It however claims that these suspicious activities were only found in “very small number of accounts.”
To beef up security, the company has introduced two new security features — 2FA and password kill switch. The former, also known as two-step authentication, is the preferred mode of protection for most tech companies. To enable it, head over to your Accounts settings, and enter your password to start the process.
You will first need to download either Google Authenticator, Duo Mobile or Windows Phone Authenticator app for your phone or tablet. Next step is to scan the barcode provided by Slack, which enables the aforementioned apps to generate a code. Enter the code to enable 2FA on your account.
The latter is a feature for team owners. In a situation where the team’s data could be compromised, the team leader will be able to use this feature to simultaneously reset passwords of all the accounts and also sign all the accounts out of Slack. Team owners can find this option under the authentication tab of their team settings.
Slack competes with the likes of Hipchat and Yammer and has seen an explosive growth. As per a Bloomberg report, it is in talks to raise a round of funding at a $2 billion valuation.