/>
X

HipChat hacked, user account info and some content potentially compromised

The breach occurred over the weekend due to a vulnerability in a third-party library used by HipChat.com.
stephanie-condon-author.jpg
Written by Stephanie Condon, Senior Staff Writer on

Atlassian's workplace chat platform HipChat was hacked over the weekend, the company announced in a security notice, due to a vulnerability in a third-party library used by HipChat.com.

The incident affected a server in the HipChat Cloud web tier, and for a small number of instances (less than 0.05 percent), there's evidence messages and content in rooms may have been accessed.

For all instances, the attacker may have accessed user account information like names, email addresses, and hashed passwords. Room metadata (including room name and room topic) may have also been accessed.

Hipchat chief security officer Ganesh Krishnan noted that HipChat hashes passwords using bcrypt with a random salt. As a precaution, Hipchat have invalidated passwords on all potentially affected HipChat-connected user accounts and sent those users instructions on how to reset their password. The company is also readying a HipChat Server update in response to the attack.

There's no evidence the breach impacted other Atlassian systems, like Jira, Confluence, or Trello.

"We are confident we have isolated the affected systems and closed any unauthorized access," Krishnan wrote.

Enterprise collaboration set for smart revolution in 2017

Related

McDonald's and Chick-fil-A both have a big problem. Only one has a solution
screen-shot-2022-06-28-at-6-24-27-pm.png

McDonald's and Chick-fil-A both have a big problem. Only one has a solution

Business
On July 12, we'll see the universe like never before
51656393132-ca88bc21e3-k

On July 12, we'll see the universe like never before

Space
Apple's 'most complicated product' is heading for launch, says analyst
The Apple Computers Store in Sydney Australia

Apple's 'most complicated product' is heading for launch, says analyst

AR + VR