Author: Shaun Nichols / Source: The Register
IRC-for-biz HipChat says a vulnerability in a software library used by its HipChat.com service allowed hackers to access private conversations and customer account information.
The ytalk-for-suits maker said on Monday an attacker was able to infiltrate a single server powering its cloud-hosted chat service, and, in the process, extracted account records – consisting of names, email addresses, and hashed passwords – and a number of chat logs and message exchanges.
The Atlassian-owned company wouldn’t say how it hashed its passwords, but has reset all of them just in case. The corp said it will notify all exposed users by email.
“As a precaution, we have invalidated passwords on all HipChat-connected user accounts and sent those users instructions on how to reset their passwords,” said HipChat chief security officer Ganesh Krishnan.
“If you are a user of HipChat.com and do not receive an email from…
Click here to read more
