Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Threat actor lists Trello database of over 15m records for sale

A threat actor has claimed to have hacked a database belonging to Atlassian subsidiary Trello, containing over 15 million user records.

user icon Daniel Croft
Wed, 24 Jan 2024
Threat actor lists Trello database of 15m for sale
expand image

According to reports originally posted by HackManac on X (formerly Twitter), the threat actor behind the breach, who goes by the moniker emo, said the database of 15,115,516 records contains user credentials.

“Contains emails, usernames, full names and other account info. 15,115,516 unique lines,” said emo in a post on the infamous BreachForums.

“Selling one copy to whoever wants it, message on me on-site or on telegram if you’re interested.”

============
============

The threat actor also posted a sample of the stolen data.

According to a post on Have I Been Pwned, the data was reportedly accessed by the threat actor through credentials obtained from previous breaches.

“Containing over 15M email addresses, names and usernames, the data was obtained by enumerating a publicly accessible resource using email addresses from previous breach corpuses. Trello advised that no unauthorised access had occurred,” it said.

Responding to the accusations of a breach, a Trello spokesperson has said that the company has investigated the incident and has been unable to conclude that the data was stolen via a threat actor gaining access.

“We are aware of claims made by a threat actor about Trello user profile data. We completed an exhaustive investigation and have not found evidence to support that this data was gathered by unauthorised access,” the spokesperson said.

“All evidence points to a threat actor testing a pre-existing list of email addresses against publicly available Trello user profiles. The security and privacy of our users’ data is our highest priority, and we continue to monitor Trello closely for any unusual activity.”

Even if the threat actor did not gain access to Trello’s systems and stole the data, the database still presents a major security risk, as other threat actors could use the data to launch phishing attacks.

Hackers could prompt those whose emails are listed to change their password or enter financial information under the guise that they are from Trello themselves.

Trello is a web-based list productivity tool that was purchased by Atlassian in January 2017. It benefited heavily during the COVID-19 pandemic as workers were forced to work remotely, making the tool incredibly valuable for managing employee tasks and workloads.

Trello has suffered security incidents in the past, having exposed its users’ personally identifiable information (PII) through public Trello boards in 2020, as discovered by former Sophos cyber security operations director Craig Jones.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.