ByBill Toulas-July 17, 2019.361 Millions of credit cards are hacked on a daily basis but what happens to the information stolen? Crooks either build clone cards and buy expensive items, or engage in purchases online. The scammers will also need to create a counterfeit I d card for the first approach to work. Only old accounts which still use the same pass are affected by the reset of forced passwords. Slack fell victim of an attack back in 2015 and will now be continuing to do so as Slack placed a reset of passwords on them. This impacts only a small portion of the Slack’s userbase (1 percent), as it only affects accounts created before the breach of March 2015 and owners who have not changed their password since. Although Slack found no evidence that the breach in 2015 resulted in actual risk, a recent report they obtained changed that. A bug bounty program approached Slack and provided them with a set of email addresses and variations of passwords which the platform agreed were legitimate. Slack found after a more in-depth review that most of them were taken during the 2015 incident so that the data was out there and for sale after all and the only way to ensure the protection of the compromised users would be to reset their passwords. That said, if you are in the vulnerable group, there is nothing you need to do right now as Slack will automatically reset your password. You will also receive an email which looks like the one below and which includes guidance on the further steps you need to take to reset your password and protect your account against future threats. In addition to setting up a new password and updating the account activity, the most important additional step you can take from now on is the 2Fa, which applies to all users, regardless of whether they belong to the insecure 1% or the unaffected 99%. .370 .370 Recall in April Slack revealed to its investorshacker groups a rich range of active dangers deploying sophisticated password spraying phishing credential stuffing and DdoS attacks. In most instances it all begins with the user and what security measures are taken in the first place by the account owner.