Munin, Keeper of LoreApr 24, 2017

Hipchat has suffered an #infosec incident

https://blog.hipchat.com/2017/04/24/hipchat-security-notice/

They're blaming a "third party library" but, -extremely- annoyingly, have neglected to state which library it is - so be prepared to keep an eye out for other services having incidents in the future, if this isn't a case of hipchat having used something catastrophically out of date.

Show threadBadimir Tootin'
@munin also maybe I'm paranoid, but the bit about room contents sounds to me like someone was being specifically targeted in this? (and the other stuff was just grabbed as happy incidentals)
Apr 24, 2017 at 9:38pmWeb
Show threadMunin, Keeper of LoreApr 24, 2017
@BlueSpaceCanary No, that's an entirely reasonable supposition. Lots of corps use hipchat for internal discussions; if this is a case of corp espionage, it may well be, depending on the gain anticipated, worth burning an exploit to get hold of it.