This seems to be common, given disclosures that other companies have been doing the same thing. Since Slack is not end-to-end encrypted, imagine if Slack was compromised. The amount of credentials an attacker could have access to by just doing some searches would be quite devastating to a lot of companies.