July 16, 2024 at 02:01PM
A threat actor exposed the email addresses of more than 15 million Trello accounts by abusing an unauthenticated API endpoint, then offered the data for sale for roughly $2.32. Atlassian, Trello's owner, acknowledged the issue and secured the endpoint. Abusing unauthenticated APIs to tie non-public data to public profiles is an increasingly common technique with significant privacy consequences, so organizations should treat API authentication and access control as a priority.
The main takeaways:
– Over 15 million email addresses associated with Trello accounts were released by a threat actor in January 2024.
– The data was collected through an unauthenticated Trello REST API endpoint that returned public profile information for any account when queried by Trello ID, username, or email address. By feeding the endpoint a list of email addresses, the actor could confirm which addresses belonged to Trello accounts and link each one to its public profile.
– The leaked records pair non-public email addresses with public Trello account information, such as the user's full name, a combination that enables targeted phishing and doxxing.
– Atlassian confirmed that the information was collected through a Trello REST API and that the API was secured in January: unauthenticated users and services can no longer request public profile information by email address, while authenticated users can still retrieve publicly available profile information.
– Unsecured APIs have become a popular target for threat actors, who abuse them to combine non-public information with public profiles, posing significant privacy risks.
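To make the failure mode concrete, the following is an added toy model of the lookup pattern described above, written for this page and not code from Trello or Atlassian. It puts a "before" handler that resolves id, username or email with no credential next to an "after" handler that accepts email as a key only from an authenticated caller, and an attacker loop that shows why the first one is an enumeration oracle. The member records, API token and field names are constructed for the example and are not real Trello data or the real Trello API schema.

```python
"""Toy model of a profile-lookup API before and after requiring
authentication for lookups keyed on email address.

Nothing here talks to a network; the handlers return (status, body) pairs
the way an HTTP endpoint would, so the enumeration loop can be run offline.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Callable, Iterable, Optional


@dataclass(frozen=True)
class Member:
    member_id: str
    username: str
    full_name: str
    email: str  # non-public: never included in a profile response


# Constructed sample user base for the example (not real accounts).
MEMBERS = [
    Member("5a1b2c3d", "alice_w", "Alice Wong", "alice@example.com"),
    Member("5e6f7a8b", "bob.k", "Bob Kim", "bob.k@example.org"),
    Member("9c0d1e2f", "carol", "Carol Diaz", "carol@example.net"),
]
BY_ID = {m.member_id: m for m in MEMBERS}
BY_USERNAME = {m.username: m for m in MEMBERS}
BY_EMAIL = {m.email.lower(): m for m in MEMBERS}

# Hypothetical bearer tokens issued to authenticated clients.
VALID_TOKENS = {"tok-for-authenticated-client"}

EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

Handler = Callable[[str, Optional[str]], tuple[int, dict]]


def public_profile(m: Member) -> dict:
    """Only the fields a public profile page already shows; no email."""
    return {"id": m.member_id, "username": m.username, "fullName": m.full_name}


def resolve(identifier: str) -> Optional[Member]:
    """Accept a Trello-style id, a username, or an email address as the key."""
    ident = identifier.strip()
    if EMAIL_RE.match(ident):
        return BY_EMAIL.get(ident.lower())
    return BY_ID.get(ident) or BY_USERNAME.get(ident)


def lookup_vulnerable(identifier: str, token: Optional[str] = None) -> tuple[int, dict]:
    """Before: any caller, with or without a token, may key on an email.

    The body never contains the email, but a 200 vs 404 answer confirms
    whether the address has an account and hands over the matching profile,
    which is exactly the non-public-to-public join the leak consisted of.
    """
    m = resolve(identifier)
    if m is None:
        return 404, {"error": "not found"}
    return 200, public_profile(m)


def lookup_hardened(identifier: str, token: Optional[str] = None) -> tuple[int, dict]:
    """After: email is accepted as a key only from an authenticated caller.

    The 401 is returned before any database lookup, so an unauthenticated
    probe gets the same answer whether or not the address exists. Lookups by
    id or username stay public, matching the fix described for Trello.
    """
    ident = identifier.strip()
    if EMAIL_RE.match(ident) and token not in VALID_TOKENS:
        return 401, {"error": "authentication required"}
    m = resolve(ident)
    if m is None:
        return 404, {"error": "not found"}
    return 200, public_profile(m)


def enumerate_emails(candidates: Iterable[str], lookup: Handler,
                     token: Optional[str] = None) -> dict[str, dict]:
    """Attacker loop: submit a list of addresses, keep those the API confirms."""
    hits: dict[str, dict] = {}
    for email in candidates:
        status, body = lookup(email, token)
        if status == 200:
            hits[email] = body
    return hits


if __name__ == "__main__":
    wordlist = ["alice@example.com", "zed@example.com", "bob.k@example.org"]
    print("before:", enumerate_emails(wordlist, lookup_vulnerable))
    print("after, unauthenticated:", enumerate_emails(wordlist, lookup_hardened))
```

Two caveats a practitioner would add. First, the hardened handler still lets any authenticated account run the same loop, so in a real deployment the email path also needs per-token rate limiting and abuse monitoring; that is an assumption about good practice, not something the page states Atlassian did. Second, `lookup_hardened` answers 401 before touching the store on purpose: returning 404 for unknown addresses and 401 for known ones would recreate the oracle with a different status code.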