Disney suffers massive internal communications data leak after cyberattack
- by nlqip
Speculations on the method
Cybersecurity experts pointed out that in recent incidents, hackers have breached Slack accounts by exploiting stolen or leaked API keys.
“Developers often integrate Slack into their automation tools, and in the process, sometimes accidentally leak these keys on code-sharing sites like GitHub or API platforms like Postman,” said Rahul Sasi, CEO of CloudSEK. “For example, in the Disney leak, hackers gained access to public chat rooms. This occurred because Slack API keys, by default, typically have access to public Slack rooms.”
Others added that while it’s too early to comment definitively on the cause of such a massive breach, common factors like weak passwords, phishing, and social engineering might not have compromised multiple Slack channels.
Source link
lol
Speculations on the method Cybersecurity experts pointed out that in recent incidents, hackers have breached Slack accounts by exploiting stolen or leaked API keys. “Developers often integrate Slack into their automation tools, and in the process, sometimes accidentally leak these keys on code-sharing sites like GitHub or API platforms like Postman,” said Rahul Sasi, CEO…
Recent Posts
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict
- Jury Sides With Qualcomm Over Arm In Case Related To Snapdragon X PC Chips
- Equinix Makes Dell AI Factory With Nvidia Available Through Partners
- AMD’s EPYC CPU Boss Seeks To Push Into SMB, Midmarket With Partners
- Fortinet Releases Security Updates for FortiManager | CISA