Administrators of the corporate messenger HipChat assess the damage caused by hacker attack. Attackers stole the metadata of group chats, user messages and, according to experts, personal data of users.

Thieves in the chat.

The command of the popular corporate messenger HipChat reported the hacking of data, which can compromise the names, email addresses and passwords of users. The incident occurred on Monday April 24, 2017.

As the International Business Times writes, messenger administrators warned that hackers could steal the metadata of group chat rooms - rooms - including the names of groups and topic topics. Moreover, according to the administrators, from the rooms were also stolen user messages.

Representatives of HipChat added that the number of stolen messages is likely to be small.

As the representative of the internal security service HipChat Ganesh Krishnan (Ganesh Krishnan), user communications touched about 0.05% of the damage caused by hackers.

As for the passwords, they were encrypted using the so-called "salt" hashing method (a random string is added to the password before the hash operation). Have passwords and logins been stolen - not reported. Ganesh Krishnan added that hacking could cause more serious damage, "however, there is good news: the security system helped to avoid it".

Library problem.

The bad news for messenger users, according to experts, was that, it seems, the hackers leaked their confidential information "not intended for the public".

In addition, since many users put the same logins and passwords for different platforms, which in fact are now in the hands of hackers, hacking can have consequences. Therefore, in the Australian company Atlassian, which acquired HipChat in 2012. , Announced their intention to verify all accounts associated with the messenger (details of the procedure are not specified).

Instructions will be sent to users. Atlassian also announced its intention to find out the vulnerability that led to the possibility of hacking, and fix it. Presumably, the problem lies in the external third-party file library.

Launched in 2010.

HipChat integrates with dozens of third-party services, like GitHub, MailChimp and Heroku. Messenger HipChat offers online chat of private and group nature, video calls and a cloud storage service.

The messenger is available on PCs under Windows, Mac or Linux, as well as on smartphones for Android and iOS. The total number of HipChat users exceeds half a million people. Thanks to multi-platform and integrated messenger with third-party services, most of them are IT companies.