Big and small brands across the globe are falling prey to cyberattacks, and this time, it is Trello– the insanely popular project management tool. A hacker who goes by the name “Emo” has leaked 21.1 GB worth of data on a cybercrime platform. Emo claimed that he had stolen the data back in January 2024. But now, finally, he published all the data on the dark web, thereby exposing the personal data of 15 million Trello users.
The hacker exposed private details such as usernames, user IDs, profile URLs, full names, status information, email addresses, settings, associated board memberships, and so on.
How did the Trello breach happen?
The hacker Emo has explained how he hacked into the system of Trello to show off his hacking skills. If we are to believe him then the Trello breach happened because Trello had an unsecured API endpoint. It is this endpoint which gave easy, unauthorized access to the hacker. Emo managed to link email addresses to Trello accounts by leveraging this unsecured endpoint, thereby exposing user identities and their personal details.
Emo initially made the most out of the existing breached email databases and later on increased the impact of the attack. He put in efforts to widen the impact of the breach.
Emo said that he used the unsecured API to access as many as 500 million emails and extracted around 15,115,516 email addresses.
Trello, on the other hand, denied any such data breach initially. But now the Atlassian project managing brand has finally confessed that a breach actually happened.
Earlier, Trello users were able to invite members/guests for project management through their email addresses. However, after the unfortunate breach, Trello tweaked the system so that no unauthenticated user could request others’ email addresses. Trello has been monitoring the API constantly since the data breach instance came to light.
Image sourced from miraclesoft.com
Is Trello responsible for exposing the data of 15 million users?
Trello spokesperson has accepted the unsecured API but has not taken complete responsibility for the data breach.
The Atlassian spokesperson said that they have conducted a thorough investigation and found that threat actors could just access publicly available profile data of the users. Also, they claim that Emo had obtained the email addresses from another source, and not from Trello itself.
The Atlassian spokesperson said that they believe that the hacker has been making false claims regarding the data breach. At the same time, Trello has asked its users to stay vigilant as long as the investigation is going on.
Experts however does not agree with Trello’s take and urges individual users and business organizations to use robust security measures to combat issues like potential unsecured APIs.
How can you safeguard yourself from similar cyberattacks?
If you or your organization has been using Trello to manage the projects seamlessly, then you definitely need to see this-
- Have you just got a mail claiming to be from Trello? Avoid opening the email at any cost.
- Do not click on any suspicious links.
- Change the password of your email ID as soon as possible to prevent any kind of cyber mishap. Make sure the new password is strong enough so that no one can crack it easily.
- Keep an eye on all the emails in your inbox and be vigilant enough to detect any phishing attempts.
- Avoid sharing your personal details over the phone, as it may be a scam call.
- Educate yourself as to what immediate actions you can take in case you fall prey to a phishing attack.
- Go for regular security audits to identify any kind of vulnerabilities in the system. This will enable your organization to detect any kind of potential threats. It is essential to prioritize strong email security by implementing email authentication protocols such as SPF, DKIM, and DMARC during audits.
- Conduct an immediate employee training session while focusing on the Trello data breach.
- Apply MFA or Multifactor Authentication to get an extra layer of protection. Never rely solely on passwords.
- Update all your software from time to time. Timely updates strengthen your security system, thereby preventing any kind of security breach.
Trello has a history of cyberattacks!
This is not the first time Trello has faced a cyberattack. The project management tool has also faced multiple attacks in the past.
Back in 2020, some users were found setting their Trello boards to “public” view. This attracted a lot of unwanted attention to sensitive data.
Again in April 2022, APT29– a threat actor, was trying to evade detection by using Trello services. Their ultimate aim was to target diplomatic missions across continents like Asia, Europe, and America.
The Trello data breach is a shocking reminder that one must never rely blindly on technology. Remember, there can always be loopholes in a system that you are dependent on. The solution is to stay aware and focused wherever your personal data is involved.