Share this article on:
A threat actor has claimed to have hacked a database belonging to Atlassian subsidiary Trello, containing over 15 million user records.
According to reports originally posted by HackManac on X (formerly Twitter), the threat actor behind the breach, who goes by the moniker emo, said the database of 15,115,516 records contains user credentials.
“Contains emails, usernames, full names and other account info. 15,115,516 unique lines,” said emo in a post on the infamous BreachForums.
“Selling one copy to whoever wants it, message on me on-site or on telegram if you’re interested.”
The threat actor also posted a sample of the stolen data.
Trello Allegedly Breached: Database of 15,115,516 User Records Up for Sale
— HackManac (@H4ckManac) January 17, 2024
The cybercriminal, who goes by the name 'emo,' claims that the database includes data such as emails, usernames, full names, and other account information.#databreach #CTI #DarkWeb pic.twitter.com/Fim9jOwUzn
According to a post on Have I Been Pwned, the data was reportedly accessed by the threat actor through credentials obtained from previous breaches.
“Containing over 15M email addresses, names and usernames, the data was obtained by enumerating a publicly accessible resource using email addresses from previous breach corpuses. Trello advised that no unauthorised access had occurred,” it said.
Responding to the accusations of a breach, a Trello spokesperson has said that the company has investigated the incident and has been unable to conclude that the data was stolen via a threat actor gaining access.
“We are aware of claims made by a threat actor about Trello user profile data. We completed an exhaustive investigation and have not found evidence to support that this data was gathered by unauthorised access,” the spokesperson said.
“All evidence points to a threat actor testing a pre-existing list of email addresses against publicly available Trello user profiles. The security and privacy of our users’ data is our highest priority, and we continue to monitor Trello closely for any unusual activity.”
Even if the threat actor did not gain access to Trello’s systems and stole the data, the database still presents a major security risk, as other threat actors could use the data to launch phishing attacks.
Hackers could prompt those whose emails are listed to change their password or enter financial information under the guise that they are from Trello themselves.
Trello is a web-based list productivity tool that was purchased by Atlassian in January 2017. It benefited heavily during the COVID-19 pandemic as workers were forced to work remotely, making the tool incredibly valuable for managing employee tasks and workloads.
Trello has suffered security incidents in the past, having exposed its users’ personally identifiable information (PII) through public Trello boards in 2020, as discovered by former Sophos cyber security operations director Craig Jones.