If you use the app Slack for Android, stop everything and change your password immediately! For a month, a bug that occurred at the end of December allowed users’ identification data to be saved in the clear on their devices.
The company sent an email to all of its users, but you may have missed it. She specifies that the bug would not, however, have resulted in unauthorized access to Slack accounts affected by this major security flaw.
Slack right of reply:
“On Friday, February 5, we notified users of Slack’s Android that we had reset their passwords in response to a bug that saved credentials in clear text. This reset only affected a small subset of Android users (less than 1%) who entered their password between January 11, 2021 and January 20, 2021. Users who sign in through a single sign-on provider (SSO) were not affected at all.
At this time, no further action is needed for advanced Android users. Slack reset all known passwords, instructed users of the affected version to upgrade to an updated version of the Android app, and notified those users and their workspace primary owners of the issue. We sincerely apologize for any disruption. »
Change your Slack password for Android
It was on December 21, 2020 that Slack would have introduced a bug in its Android application, and not the least. Indeed, this malfunction allowed the application to record the identification data of its users, in particular the password, in plain text.
And it was only on January 20, 2021 that Slack noticed the problem. However, it was fixed the next day. The first thing to do is therefore to update your Slack application, in order to benefit from the patch posted online.
But the company insists on resetting your password. She specifies that the selection of a complex and unique password is highly recommended “, and that she is also ” essential to protect the integrity of your account “.
Download Slack for Android
Source : Android Police