On December 31, 2022, Slack, a platform for business communication and collaboration with over 18 million users in offices and online communities, on its security update told its users that hackers stole several private source code repositories on December 27.
Slack received a report of questionable behaviour on their GitHub account. Investigation revealed that the Slack employee tokens had been taken and misused to access their externally hosted GitHub repository. Slack immediately deactivated the tokens. The attack occurred when the threat actor downloaded private code repositories. None of the downloaded repositories contained Slack's main codebase, customer data, or approach to access customer data. More importantly, the attack also did not impact any services or compromised access to the Slack production environment.
The incident can be compared to source code breach incident that occurred on December 21 when Okta code repositories had been accessed and copied by hackers.