Data Breach Report: Trello Email Addresses Leak

The breach was made possible by exploiting an exposed Trello API, allowing the association of email addresses with public Trello profiles.
Exposed Trello API Leads to Data Breach

Trello has experienced a significant data breach, exposing the names and email addresses of over 15 million users. On January 23, 2024, it was revealed that these email addresses were leaked and put up for sale on a hacking forum. The breach was made possible by exploiting an exposed Trello API, allowing the association of email addresses with public Trello profiles.

Incident Details

A threat actor, known as 'emo,' leveraged a publicly accessible API endpoint provided by Trello. This endpoint allowed querying for public profile information using an email address without requiring authentication. Using a list of 500 million email addresses, the actor identified those associated with Trello accounts and compiled profiles containing email addresses, usernames, full names, and other account information.

The hacker then advertised this dataset, consisting of 15,115,516 unique lines, on a popular hacking forum, offering to sell a single copy of the data to interested parties.

Method of Exploitation

API Misuse: The Trello API was designed to allow developers to integrate Trello services into their applications. One endpoint, meant to query public profile information using a Trello ID or username, could also be queried using email addresses.

Scraping: The threat actor used this capability to test email addresses against the API and retrieve associated public profile information.

Proxy Servers: To bypass the API's rate limits, the hacker employed multiple proxy servers to maintain a constant querying rate.

Company Response

Atlassian, Trello's parent company, confirmed that the data was not accessed through unauthorized means but rather scraped from public profiles using the API. In response to the incident, the API endpoint has been modified to require authentication, ensuring that only authenticated users can request public profile information by email. This change aims to balance the prevention of API misuse with maintaining functionality for legitimate users.
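To make the change concrete, here is an added example (not Trello's or Atlassian's code) of a minimal profile-lookup handler: the weak behaviour the post describes, where an email resolves to a profile with no authentication, beside the hardened behaviour, where email lookups require a valid caller token and count against a per-caller rate limit while username lookups stay public. The profile table, token table and limits are constructed for illustration.

```python
import time
from collections import deque

# Constructed sample data (not Trello's): profiles keyed by username; the email field
# is the value the scraper resolved. VALID_TOKENS maps constructed API keys to callers.
PROFILES = {
    "alice": {"username": "alice", "full_name": "Alice Example", "email": "alice@example.com"},
    "bob": {"username": "bob", "full_name": "Bob Example", "email": "bob@example.com"},
}
VALID_TOKENS = {"tok-abc123": "integrator-app"}

def public_view(profile):
    return {k: v for k, v in profile.items() if k != "email"}  # never echo the email back

def find_by_email(email):
    return next((p for p in PROFILES.values() if p["email"] == email), None)

def lookup_before_fix(query):
    """Weak: a username OR an email resolves to a profile with no authentication."""
    p = find_by_email(query) if "@" in query else PROFILES.get(query)
    return (200, public_view(p)) if p else (404, None)

class RateLimiter:
    """Sliding window: at most `limit` calls per `window` seconds per key."""
    def __init__(self, limit, window):
        self.limit, self.window, self.hits = limit, window, {}
    def allow(self, key, now=None):
        now = time.monotonic() if now is None else now
        q = self.hits.setdefault(key, deque())
        while q and now - q[0] >= self.window:   # drop calls that fell out of the window
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True

LIMITER = RateLimiter(limit=5, window=60)

def lookup_after_fix(query, token=None, now=None):
    """Hardened: email lookups need a valid token and are rate limited per caller;
    username lookups stay public. Returns (http_status, body) like a handler would."""
    if "@" in query:                              # treat anything with '@' as an email lookup
        caller = VALID_TOKENS.get(token)
        if caller is None:
            return 401, None                      # unauthenticated email lookup refused
        if not LIMITER.allow(caller, now):
            return 429, None                      # bulk querying trips the per-caller limit
        p = find_by_email(query)
    else:
        p = PROFILES.get(query)
    return (200, public_view(p)) if p else (404, None)
```

Even with authentication, a 200/404 difference on email lookups still confirms whether an address has an account, so the per-caller limit and monitoring of authenticated callers remain necessary.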

Potential Risks

Phishing Attacks: The exposure of email addresses linked to public profiles can facilitate targeted phishing campaigns, where attackers impersonate Trello or related services to extract sensitive information from users.

Identity Theft: Associating email addresses with public profiles increases the risk of identity theft and other forms of cyber fraud.

Recommendations

Enhanced API Security: Companies should implement robust authentication and authorization mechanisms for APIs to prevent unauthorized data scraping.

Rate Limiting: Effective rate limiting and monitoring can help detect and mitigate unusual activity patterns indicative of scraping attempts.

User Awareness: Users should be educated about the potential risks of data breaches and advised to remain vigilant against phishing attempts.
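The Rate Limiting recommendation above, and the proxy-server technique described under Method of Exploitation, are easiest to see in log data. This added example (not Trello's or Aptori's code) runs detection logic over constructed access-log lines in a hypothetical format: it aggregates lookups per endpoint and flags the signature of a list-based sweep spread across proxies, namely many source IPs, nearly every queried email unique, mostly misses, while no single IP ever exceeds a per-IP limit. The endpoint path, IPs and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed access-log format (hypothetical, not Trello's):
#   <iso-time> <client-ip> GET <path>?email=<value> <status>
LINE_RE = re.compile(r"^(\S+) (\S+) GET (\S+?)\?email=(\S+) (\d{3})$")

def constructed_sample():
    """Builds sample log lines: one integration repeating a few known lookups,
    plus a list-based sweep spread over eight proxy IPs, each below a 10/min limit."""
    lines = ["2024-01-20T10:00:0%d 198.51.100.7 GET /api/members/lookup?email=alice@example.com 200" % i
             for i in range(3)]
    for n in range(64):
        ip = "203.0.113.%d" % (10 + n % 8)            # eight proxies, 8 requests each
        status = 200 if n % 10 == 0 else 404          # most candidate emails have no account
        lines.append("2024-01-20T10:00:%02d %s GET /api/members/lookup?email=user%d@example.org %d"
                     % (n % 60, ip, n, status))
    return lines

def detect_enumeration(lines, min_requests=20, min_ips=5, per_ip_limit=10):
    """Aggregates lookups per endpoint and flags the pattern of a distributed sweep:
    many source IPs, nearly every query value unique, mostly misses, while no single
    IP exceeds the per-IP limit. Returns a list of alert dicts (empty if nothing fires)."""
    stats = defaultdict(lambda: {"n": 0, "ips": defaultdict(int), "emails": set(), "miss": 0})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                                  # ignore lines that are not email lookups
        _, ip, path, email, status = m.groups()
        s = stats[path]
        s["n"] += 1
        s["ips"][ip] += 1
        s["emails"].add(email)
        s["miss"] += status == "404"
    alerts = []
    for path, s in stats.items():
        if s["n"] < min_requests or len(s["ips"]) < min_ips:
            continue                                  # too small or too concentrated to be a sweep
        unique_ratio = len(s["emails"]) / s["n"]
        miss_ratio = s["miss"] / s["n"]
        if unique_ratio >= 0.9 and miss_ratio >= 0.5:
            alerts.append({
                "path": path, "requests": s["n"], "source_ips": len(s["ips"]),
                "unique_email_ratio": round(unique_ratio, 2), "miss_ratio": round(miss_ratio, 2),
                "max_per_ip": max(s["ips"].values()),
                "under_per_ip_limit": max(s["ips"].values()) <= per_ip_limit,
            })
    return alerts
```

The `under_per_ip_limit` field is the caveat: a per-IP limit alone would never have fired on this traffic, which is why the aggregate view across all callers of the endpoint is what surfaces the sweep.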

Conclusion

The Trello data breach underscores the importance of securing APIs and monitoring for potential misuse. By implementing stronger security measures and raising user awareness, companies can mitigate the risks associated with such incidents and protect their users' data.
