An online privacy watchdog has issued a stark warning about the risks of using the popular workplace chat app Slack. Gennie Gebhart, who serves as the associate director of research at the Electronic Frontier Foundation, outlined the threat of nation-state attacks using the troves of personal data that Slack stores. In an op-ed in the New York Times, Ms Gebhart cited Slack’s recent filing with the Securities and Exchange Commission, which highlighted threats from “sophisticated organised crime, nation-state, and nation-state supported actors”.
However, Slack has comeback with their thoughts on security but the platform does not use end to end encryption.
OK, I am surprised to read that Slack doesn’t encrypt its messages end-to-end, but then also surprised at myself to expect that. I’d say do your due diligence and see what #security features are important. https://t.co/zWnqn2EOO4
— Amit Bahree ? (@bahree) July 1, 2019
Jake Moore, Cybersecurity Specialist at ESET:
“Slack is a fantastic application trying to break people away from the downsides that accompany old fashioned email. But if it comes without end to end encryption as standard, this will no doubt put many people off from using the platform.
Admittedly, many people don’t think or even care about encryption or place it on a priority list when it comes to data or messaging but in a world where privacy is increasingly becoming more popular, companies need to be thinking about enforcing encryption and privacy for all of their customers by default with no option to bypass it. Similarly, companies who don’t use 2FA by default also put their customers data at risk of having their confidential data viewed by anyone with the right knowhow and tools.”