Privacy, Data Security

Over 15M Trello users’ scraped data on sale

Team project management platform Trello was noted by the Have I Been Pwned? breach notification service to have data from more than 15 million users exposed and peddled on a dark web hacking forum following a data scraping incident this month, Forbes reports. Individuals' full names, usernames, emails, and other account information were claimed to be included in the stolen file. "...[T]he data was obtained by enumerating a publicly accessible resource using email addresses from previous breach corpuses. Trello advised that no unauthorized access had occurred," said Have I Been Pwned? in its email advisory. Meanwhile, Trello noted that its investigation revealed no evidence suggesting that the exposed information had been exfiltrated through a breach of its systems. "All evidence points to a threat actor testing a pre-existing list of email addresses against publicly available Trello user profiles," said a Trello spokesperson, who added that platform activity will be continuously monitored to ensure security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.