Quotes in place - check.
Lots of commas and all full stops accounted for - check.
Sub-headline - can't be bothered to check.
LET'S HIT PUBLISH, IT'S PUB O'CLOCK.
Workplace chat app Slack, popular among West Coast startup hipsters and others, has been hacked, its makers said on Friday. Slack policy and compliance strategy veep Anne Toth – who previously worked at Google and Yahoo! – has explained how over a four-day period in February, attackers were able to access a database containing …
It's got a few bells and whistles added to it, like being able to generate a message on an accepted pull request in GIT, but otherwise it's IRC polished up so that it's easier to sell management on. You can even connect to it using IRC clients (we have it in the office technically, but it's rarely used)
It has been over a month since this breach, and the notification is coming exceptionally late. They know exactly when the service was breached, what information was accessible, but it would seem that the start of the investigation was only extremely recent. Their auditing and alerting practices at the time were seemingly not sufficient to discover the breach ‘as it happened’ but much later. They have also not confirmed whether this was from an external escalation (customer reporting) rather than their internal controls.
Further to this they have no details on how the breach occurred and the measures that have been taken to ensure that the technique, technology or policy has been changed and/or remediated to ensure less risk of reoccurrence. It does not instill much confidence.
Biting the hand that feeds IT © 1998–2021