
Hacker sells stolen Trello info – Aussie Cyber Security Magazine




TLDR:

– Over fifteen million email addresses associated with Trello accounts have been put up for sale on the Breached hacking forum after they were stolen in January using an unsecured REST API.

– The leaked data includes email addresses and public Trello account information, posing a risk for phishing attacks and unauthorized access to sensitive information.

Article:

A hacker has started selling stolen Trello details on the Breached hacking forum, including over fifteen million email addresses associated with Trello accounts. This data, which was obtained in January through an unsecured REST API, poses a significant risk as it includes email addresses and public Trello account information. This information could be used by bad actors in phishing attacks and for gaining unauthorized access to sensitive data, such as passwords.

Atlassian, the owner of the Trello platform, has acknowledged the breach and has made changes to the Trello REST API in response to the incident. They have restricted unauthenticated users/services from requesting another user’s public information by email, while still allowing authenticated users to request information publicly available on another user’s profile via the API.

Risks like these highlight the importance of comprehensive threat surface mapping for applications, especially in today’s distributed architectures. Ray Kelly from Synopsys Software Integrity Group emphasizes the need to address issues like improper authentication on a single API call, as even a single overlooked endpoint can become a significant vulnerability that threat actors could exploit for malicious purposes.

As cyber threats continue to evolve, it is crucial for organizations to stay vigilant and proactive in securing their systems and data. Monitoring the use of APIs, implementing strong authentication measures, and regularly assessing and patching vulnerabilities are essential steps in mitigating the risk of data breaches and unauthorized access.
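
As an added illustration of the API monitoring described above (not code from Atlassian or the article), the following sketch scans access-log lines for clients that look up many distinct email addresses without authenticating. The log format, the `/api/members/<email>` route and the threshold are assumptions made for this example, and the log lines are constructed sample data.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, unquote

# Constructed sample log lines (not real traffic). Assumed format:
# <client_ip> <token id, or "-" when unauthenticated> <method> <path> <status>
SAMPLE_LOG = """\
203.0.113.7 - GET /api/members/alice%40example.com 200
203.0.113.7 - GET /api/members/bob%40example.com 200
203.0.113.7 - GET /api/members/carol%40example.com 404
203.0.113.7 - GET /api/members/dave%40example.com 200
198.51.100.4 tok_91 GET /api/members/alice%40example.com 200
198.51.100.4 tok_91 GET /api/boards/42 200
192.0.2.15 - GET /api/members/erin%40example.com 200
"""

# Hypothetical route: a member lookup whose last path segment is an email address.
EMAIL_LOOKUP = re.compile(r"^/api/members/([^/@]+@[^/@]+\.[^/@]+)$")


def parse_line(line):
    """Return (ip, authenticated, email) for an email-lookup request, else None."""
    parts = line.split()
    if len(parts) != 5:
        return None  # malformed line: skip rather than guess
    ip, auth, method, path, _status = parts
    # Decode percent-encoding so "%40" and "@" are treated as the same lookup.
    match = EMAIL_LOOKUP.match(unquote(urlsplit(path).path))
    if method != "GET" or match is None:
        return None
    return ip, auth != "-", match.group(1).lower()


def find_enumeration(log_text, threshold=3):
    """Map client IP -> number of distinct emails looked up without
    authentication, for clients at or above the threshold. Misses (404)
    count too, because probing unknown addresses is part of enumeration."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        record = parse_line(line)
        if record is None:
            continue
        ip, authenticated, email = record
        if not authenticated:
            seen[ip].add(email)
    return {ip: len(emails) for ip, emails in seen.items()
            if len(emails) >= threshold}


if __name__ == "__main__":
    for ip, count in find_enumeration(SAMPLE_LOG).items():
        print(f"{ip}: {count} distinct unauthenticated email lookups")
```

Counting per IP alone misses lookups spread across many addresses, so in practice the same tally is also worth keeping per endpoint over time.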

