"Email Addresses of 15 million Trello Users Leaked on Hacking Forum"

A threat actor recently released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January.  Trello is an online project management tool owned by Atlassian.  Businesses commonly use it to organize data and tasks into boards, cards, and lists.  In January, a threat actor known as "emo" was selling profiles for 15,115,516 Trello members on a popular hacking forum.  The leaked data includes email addresses and public Trello account information, including the user's full name.  Reasearchers noted that the leaked information can be used in targeted phishing attacks to steal more sensitive information, such as passwords.  Atlassian confirmed to BleepingComputer today that the information was collected through a Trello REST API that was secured in January.

 

BleepingComputer reports: "Email Addresses of 15 million Trello Users Leaked on Hacking Forum"

Submitted by Adam Ekwall on