But Slack isn't just used for discussions. It's used for sharing. People send files through slack -- files that probably contain sensitive data, code, financials, etc. People pass secret sharing URLs (think Google Docs' "anyone with the link can access") through it. If we're being honest, probably some people exchange passwords over it. People directly grant OAuth access to other services for "integrations". Some people do "ChatOps" -- literally controlling production servers through chat -- over Slack.
Q: Were my messages taken/read/accessed?
If you have not been explicitly informed by us in a separate
communication that we detected suspicious activity involving
your Slack account, we are very confident that there was no
unauthorized access to any of your team data (such as messages
or files).
So. Slack has been hacked, and at least some people's logs were evidently stolen.
And then what if Slack gets hacked?
http://slackhq.com/post/114696167740/march-2015-security-inc...
So. Slack has been hacked, and at least some people's logs were evidently stolen.Yikes.