Insights

Business communication platform Slack reported suspicious activity on its GitHub account in the lead up to the new year. Slack discovered that a limited number of employee tokens were stolen and used to access the company's GitHub repository. The threat actor downloaded private code repositories on December 27. Slack confirmed that none of the downloaded repositories contained customer data, means to access customer data, or the company's primary codebase.