@quinophex@CarlGottlieb@polemic@adrianthomas@troyhunt@SlackHQ So the source appears to now be acknowledged as rogue code injected into slacks login pages. And its taken 4 years to find out plaintext creds were filched.
Thats pretty embarassing for Slack...