By Luca Marzo on 2019-07-18 18:43 in Compliance Team

Hello Community Members,

following the email received by Slack on July 18, 2019 at 3:31 PM (CEST), hereby to inform you about some measures applied to the accounts on the Joomla workspace.

Even if Joomla does not use Slack anymore as main communication tool between volunteers, it appears that accounts are still alive and some members could have access to this workspace.

Given that some credentials were potentially compromised during the Slack Security Incident occurred back in 2015, Slack informed OSM that as additional measures, the password of all the accounts potentially involved in the incident have been reset. Furthermore, the passwords unchanged since March 2015 have been reset too.

Further information and instructions have been sent by Slack directly to the impacted users.

These measures involved 270 users of the Joomla workspace on Slack.

Users who did not receive the email directly from Slack are not involved.

More information about the incident

- - -

Recommendations

As additional security measure, the Joomla Project would like to remind you to frequently change your passwords and to avoid using the same password for several services.

The Joomla Project will work to close the unused workplace given that the standard communication tool used project-wide is Glip.