SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Breach Prevention
#
Cybersecurity
#
Dark web
Trello data breach exposes 15 million users' details on Dark Web
Sun, 28th Jan 2024
Author image
By Sean Mitchell, Publisher
Follow us

Popular project management platform, Trello, has experienced a data breach exposing 15 million users' personal details. The confidential information, including names and emails, has reportedly been collected and is now being sold on the Dark Web. Atlassian, Trello's parent firm, claims it's taken significant steps to prevent such scraping attacks from recurring, by adjusting the primary API. However, some experts suggest Atlassian might be downplaying its role in the incident.

This security breach saw unauthorised data scraping and extraction from 15 million Trello profiles, sparking severe concerns about user privacy and data protection. The incident, exposing vulnerabilities in Atlassian's API, has underscored the crucial need for more robust security around application programming interfaces to forestall unlawful access.

In the wake of the breach, Atlassian has swiftly implemented measures to reinforce its API security, targeting the vulnerabilities which the attacker exploited. An Atlassian spokesperson reassured that there was 'no unauthorised access to internal Trello systems.' The firm is proactively informing users about the situation while admitting the necessity for more accurate API configuration.

Richard Bird, Chief Security Officer at Traceable AI, commented on Atlassian's response: "Atlassian's reaction to the recent successful Trello scraping attack is a further confirmation that we've officially entered the gaslighting era of cybersecurity. Companies seem to prefer blaming or minimising the impact on victims as their chosen approach to their conspicuous failure in responsibly managing their customers' data."

Bird continued: "Atlassian clearly knew that the exposed API was a problem, rectified it and then essentially told the customers - no big deal, your data wasn't that important anyway. If the data had no value, why did the hackers want it in the first place? Atlassian's suggestion that cyber thieves would waste their time 'just for fun' is absurd and offensive to customers who placed their trust in them."

He further lambasted: "In 2024, allowing a bad actor to be successful with such rudimentary business logic manipulation of an API is unimaginable. This was not a sophisticated attack; it was akin to a crook jiggling door handles to see who left their car doors unlocked. If Trello allowed such an API weakness to manifest within their system, how can we be assured that there aren't other just as poorly constructed and monitored APIs currently being exploited?"

The incident with Trello has led to significant discussions around the ongoing importance of cybersecurity, with this event serving as a reminder for companies to treat their APIs as valuable assets, requiring the same level of due diligence as other components of their digital infrastructure.

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
GitHub's 2FA initiative helps secure software supply chain
Jason Haddix joins Flare as Field Chief Information Security Officer
AI tools linked to data exposure in 1 in 5 UK organisations
Trend Micro introduces AI-driven cyber risk management features
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds