Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Setting the record straight about Trello user profile data

January 23, 2024

Hey Trello Community,

 

We are aware of claims made by a threat actor about Trello user profile data. We completed an exhaustive investigation and did not find evidence to support that this data was gathered by unauthorized access. A threat actor, who was in possession of a pre-existing list of email addresses, used those email addresses to lookup public Trello user profiles. The email addresses and the public Trello user profile data were combined to create the final data set.

We want to reassure you that the threat actor only obtained Trello user profile information that was already publicly available and combined this information with email addresses that the threat actor had obtained from another source.

There is no action you need to take related to your Trello account, however, please review your Trello privacy settings to ensure anything in a public field is something you don’t mind being public. To view your public profile, log into Trello and go to trello.com/you.

Moreover, here are some general best practices to keep your account secure:

  • Enable two-factor authentication on your Trello account.

  • Use a strong unique password mixing letter, numbers, and special characters.

  • You can also use a password manager such as LastPass or Bitwarden to generate and manage your account’s password.

We have more details on these practices to increase the protection of your account here: Protect your Atlassian account | Atlassian Support.

If you have additional questions, please reach out to our Trello Support team here.

Comment
Watch
Like # people like this
6664 views

8 comments

Lee Henderson
Lee Henderson
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 24, 2024

The linked profile page link does not work and redirects to the home page. I can understand why it would be disabled now, but please provide complete information on what data about a user was previously available there. This would constitute a fuller disclosure. 

Like Andy Gladstone likes this
Brittany Joiner
Brittany Joiner
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 24, 2024

@Lee Henderson are you logged in? You might need to log in and then you can click that. Took me straight to my profile page when I clicked it

Like # people like this
Brittany Joiner
Brittany Joiner
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 24, 2024

@Erika Storli thanks for the transparency and update here!

Like # people like this
Awephton
Awephton January 25, 2024

I received the notice that the Trello board was scaped and the information will be sold. What measurement need to be made? As I trusted it was safe and used Atlassian to further enhance the security, there are a lot of info that could hert my company badly if leaked.

Like Eliane Oliveira likes this
Awephton
Awephton January 25, 2024

" Trello: In January 2024, data was scraped from Trello and posted for sale on a popular hacking forum. Containing over 15M email addresses, names and usernames, the data was obtained by enumerating a publicly accessible resource using email addresses from previous breach corpuses. Trello advised that no unauthorised access had occurred.

Compromised data: Email addresses, Names, Usernames"

Like
Eliane Oliveira
Eliane Oliveira
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 25, 2024

Bom Dia.

Entrei agora no meu perfil do Trello e 2 áreas de trabalho da minha conta estão zeradas(sem informações) que eu tinha cadastrado de clientes. Como faço para recuperar?

URGENTE!!

ENTREI DE NOVO NA CONTA E APARECEU TUDO!

Like
Alex Waite
Alex Waite
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 30, 2024

@Awephton - Only information that was already publicly available on your Trello account may have been viewed. To view your public profile, log into Trello and go to https://trello.com/you. The information displayed here is publicly available.

We have more details about what kind of information is available publicly here: https://support.atlassian.com/trello/docs/removing-trello-content-from-google/

Like
Alex Waite
Alex Waite
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 30, 2024

@Eliane Oliveira - it sounds like the issue you're facing is not related to this thread. If you're still experiencing an issue, please create a Community question describing the issue you're facing at https://community.atlassian.com/t5/forums/postpage/board-id/trello-questions and our Community will be able to assist you. 

Like

Comment

Log in or Sign up to comment
Erika Storli

Erika Storli

Atlassian Team
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.

About this author

Senior Product Marketing Manager, Trello

2 accepted answers

61 total posts

View profile
Trello
Trello
TAGS
AUG Leaders

Atlassian Community Events

    See all events