Slack has sent an email to users asking them to change their passwords. The reason is that Slack has stored their passwords in plain text.
Normally, it is important to be really careful with this type of email. Slack and other services are used by cybercriminals who carry out phishing attacks, but in this case the email is actually completely genuine.
Reading tips: Wyze affected by security leak – sensitive customer data visible
Users are encouraged to do two things to be completely safe. Change the password to Slack and clear the app information on the mobile phone.
We are taking this step as a precaution due to an error that we discovered and there is no evidence of any unauthorized or third-party access to this account… On December 20th, 2020, Slack introduced a bug that caused some versions of our Android app to log clear text user credentials to their device. Slack identified the issue on January 20th, 2021, and fixed it on January 21st, 2021.
The problems on Slack’s page have already been fixed and should not arise again.
All versions of Slack’s mobile app where the problem may occur have been deactivated and may no longer be used with the service. Your account should be completely secure, but change your password as soon as possible if you have received an email.