Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Hackers Compromise Atlassian’s HipChat to Steal User Data


Widely accessed communications service by businessmen and companies, HipChat is warning visitors about a database hack it has experienced that possibly compromised their passwords, e-mail addresses and names.

Apart from user information, hackers may've also managed admission into metadata from organization groups also referred to as "rooms" particularly room topic and room name. Even bad is that within few instances, rooms may've been targeted to steal messages from.

It was Ganesh Krishnan Chief Security Officer of HipChat who notified about the hack. He blogged that a hacker gained admission into a HipChat server using certain security flaw inside an intermediate software library which HipChat utilized.

Krishnan notes that each and every hacked password was hashed with the aid of bcrypt encryption having one salt taken at random, an optimum security practice which makes the passwords extremely hard to crack. Siliconangle.com posted this online dated April 24, 2017.

As per an analysis by Krishnan, the situation may've gotten worse in case of absence of ordinary best practices to keep intact security. But because of their presence, it is good news to breach affected users of HipChat. Krishnan observes that to take precaution, HipChat has inactivated passwords for each and every user account connected to it while issued instructions to those users about the way for creating fresh passwords. He adds that for those users who've not got an e-mail, they're the unaffected ones for whom no evidence has been found.

However, it's bad enough that plentiful user data got hijacked. Whilst unlike direct messages, metadata mayn't have so much of explicit exposure, yet it can prove sufficiently high to figure out info not desired to be publicly known.

Atlassian the parent company of HipChat is destabilizing the accounts that while being HipChat-connected have been impacted. Even as Atlassian is trying to know the root cause of the problem which facilitated the hack, and fix it -the hack that seemingly occurred because of an intermediate library having vulnerability not yet patched- it observed that users unconnected with that library didn't feel the impact, and remaining properties of the company too are safe.

» SPAMfighter News - 4/28/2017

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next