Whether you are a team of many colleagues or an individual who wants to stay on top of things, Trello is a great tool for organizing your life Unfortunately, it has apparently become a prime target for hackers

The organizational tool was reportedly the target of a cyber attack in January, when a hacker calling himself “emo” obtained the Trello account information and full names of approximately 15 million users

Six months later, that information is now for sale on Telegram for just $232 This means that if the hack is real, Trello users could see their details distributed far and wide

Interestingly, the perpetrators of this attack have described how they pulled it off in a Bond villain-like monologue, meaning there is no mystery to this alleged cyberattack

“Trello had an open API endpoint that allowed any unauthenticated user to map their email address to their Trello account,” explains emo

“Initially, we were only going to send emails to the endpoint from the ‘’com”” (OGU, RF, Breached, etc) database, but we decided to keep sending emails until we got tired of it”

Trello itself initially denied that any breach had taken place, but in a recent statement confirmed that “in light of the API abuse uncovered in this January 2024 investigation, we made changes to prevent unauthenticated users/services from requesting other users' public information via email”

If you have any questions, please feel free to contact us

If you are a Trello user, you should be concerned about the possibility of your data falling into the hands of fraudsters While not credit card or banking information, even general account information or full names being leaked can cause trouble

These pieces of information can be put together by threat actors to cause more damage, called a correlated attack But what can we do to protect ourselves?

The first thing is to change your Trello password Two-factor authentication may be cumbersome, but it is a more secure way to protect your account

If your information has been compromised, watch out for an increase in spam emails and phishing scams Also, don't download questionable documents or click on links from untrustworthy emails If this sounds stressful, luckily the best VPNs may have a solution: NordVPN's Threat Protection Pro is a great way to fight phishing scams because it automatically detects and deals with them