Trello Enterprise Details

    Organization Logo

    Trello Enterprise

    New York City, NY, USA120 employees • Information Technology

    Industry

    Information Technology

    Security Incidents

    1

    Trello is a software company that provides a visual collaboration tool primarily used for project management. Its platform allows users to create boards with lists and cards to organize tasks and projects, facilitating team collaboration and workflow tracking. The tool is popular among businesses of all sizes due to its simplicity, flexibility, and integration capabilities with other applications.

    Security Incidents

    Trello Enterprise Breach of Jan 2024
    Severity Score
    Moderate to Significant

    Type

    Data Breach

    Summary

    In January 2024, a data breach occurred involving Trello where a threat actor named "emo" scraped and then sold data including emails, usernames, and full names of approximately 15 million users. This data was harvested by using pre-existing email addresses to access publicly available Trello user profiles, not through a direct hack of Trello's systems. Trello confirmed the incident and clarified that the information was obtained from publicly accessible sources, combined with email addresses from previous breaches.

    Severity

    The Trello data breach in January 2024 was moderately severe. Although it did not involve direct hacking or unauthorized access to internal systems, the public exposure of around 15 million user profiles (including emails, names, and usernames) still poses significant risks for phishing and social engineering attacks. The data was scraped using publicly accessible information, highlighting vulnerabilities in how public data can be used maliciously.

    Impact

    The Trello data breach in January 2024 affected approximately 15 million users by exposing their emails, usernames, and full names. This exposure came from scraping publicly available user profile information, rather than through a direct hack of Trello's systems. Although passwords and sensitive personal information were not disclosed, the leaked data could still be used for phishing attacks or to strengthen other fraudulent activities.

    KEEP YOUR ENVIRONMENT SECURE

    Weak credentials are the leading cause of breaches. Beyond Identity can help.

    See MFA exploits in action
    Watch how adversaries exploit companies in quick videos