Slack Privacy News
https://slack.com/trust/privacy/privacy-policy
Event Timeline
10 events
Following a week of user backlash, Slack revised the language of its AI privacy principles to state more clearly that customer data (messages, files, DMs) is not used to train generative AI or large language models, and that its non-generative ML uses de-identified, aggregate data that does not access message content. Slack conceded the prior wording had been misleading but kept the default-on structure in place for non-generative ML training: workspaces remain opted in unless an owner explicitly opts out.
Users discovered that Slack had been using customer messages, files, and other workspace content by default to train its machine learning global models for features like channel, emoji, and search recommendations, with opt-out requiring a workspace owner to email Slack's Customer Experience team. The policy had existed since at least September 2023 but was buried in outdated privacy principles; coverage in Ars Technica, TechCrunch and The Register triggered widespread backlash over the default-on, opt-out-by-email approach and over vague language implying message content could be used.
Slack replaced the free plan's 10,000-message visibility cap with a 90-day retention window, meaning messages and files on free workspaces older than 90 days would be hidden and eventually deleted. The change disproportionately affected open-source communities, nonprofits, and volunteer groups that relied on free workspaces as an archive, and was partially offset a month later when Slack gave free-plan owners the option to configure 90-day retention instead of having it forced upon them.
Slack disclosed that a bug in its shared invite link feature had been transmitting salted, hashed user passwords over a WebSocket connection to other members of the workspace whenever a user created or revoked an invitation link. The flaw was present from April 17, 2017 to July 17, 2022 and affected roughly 0.5 percent of Slack users; the hashes were never displayed by any Slack client, so exploitation required actively monitoring the encrypted network traffic coming from Slack's servers. Slack reset passwords for all affected accounts.
Slack rolled back part of its new cross-organization Slack Connect DM feature hours after launch when users showed that invitation emails could be weaponized to send abusive or harassing messages that recipients could not easily block. The company removed the ability to include a custom message with DM invites and pledged further fixes, highlighting how the feature had shipped without meaningful abuse-prevention review.
Slack disclosed that a December 2020 update to its Android app had inadvertently logged user credentials in plaintext on devices for roughly a month before being caught. Slack forced password resets for affected users and advised them to clear app data logs, though it characterized the issue as affecting only a small subset of Android users.
Security researcher Oskars Vegeris disclosed a critical remote code execution vulnerability in the Slack desktop app for Windows, macOS, and Linux that allowed one-click RCE via crafted posts leveraging HTML injection and XSS. Slack patched the flaw in version 4.4 earlier in 2020, but the public disclosure drew widespread criticism because Slack paid only a $1,750 bounty for a near-10 CVSS vulnerability.
Slack forced a password reset for roughly 1 percent of its user base (about 100,000 accounts) after being contacted via its bug bounty program with credentials apparently stemming from the 2015 breach. The reset covered accounts active during the 2015 incident that had not since changed passwords or moved to SSO, four years after the original disclosure.
Slack updated its privacy policy so that on paid Plus and Enterprise plans, workspace owners could export the contents of private channels and direct messages without notifying employees, replacing the previous Compliance Export tool that had required user notification. Slack cited GDPR preparation as the reason for the change, but critics and labor advocates warned it materially weakened employee privacy expectations on the platform.
Slack disclosed that attackers had accessed its central user database for approximately four days in February 2015, exposing usernames, email addresses, phone numbers, Skype IDs, and bcrypt-hashed passwords. Attackers also injected code capable of capturing plaintext passwords entered during the intrusion. In response, Slack rolled out two-factor authentication and a password kill switch for team owners.