Slack is resetting passwords for accounts belonging to users that have not secured them after the data breach suffered by the company in 2015. Hackers injected malicious code into Slack’s systems to steal plaintext passwords as they were entered by Slack users. Slack detected unauthorized access to a database containing details of users accounts, including usernames, email addresses, hashed passwords, phone numbers and Skype IDs. The company also recommended remaining users to change the password and enable 2FA. According to the company, attackers could have obtained them via malware or a third-party hack.”]
Source: https://securityaffairs.co/wordpress/88601/data-breach/slack-passowrd-reset.html