Home > Security > Security News

15 Million Trello Accounts Stolen via Open API Endpoint Were Leaked Online

Published on July 18, 2024
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
+1 more
Edited by:
Novak Bozovic
Novak Bozovic
Tech & VPN Content Specialist
Trello Interface with Blue Background
Summarize with:
ChatGPT logo ChatGPT Claude.ai logo Claude.ai Google AI logo Google AI Grok logo Grok Perplexity logo Perplexity
Google logo Add as preferred source on Google

A threat actor known as 'emo' announced the sale of 15,115,516 Trello members’ accounts on a popular hacking forum in January. The hacker decided to leak the dataset on July 16, which includes email addresses, users’ full names, and public Trello account information.

The cybercriminal allegedly disclosed abusing an unsecured REST API that helped developers to request public information about a Trello profile based on users' ID, username, or email address, as per BleepingComputer.

Emo created a list of 500 million random email addresses, which were then verified against Trello account emails, and combined the results with the obtained account information to put together over 15 million user profiles.

Trello Leaked Data
Image Source: BleepingComputer

The email addresses with associated full names and nicknames matched to personal email addresses make this database useful for doxxing, as these details help to potentially identify, locate, and contact these users.

Atlassian, the owner of Trello, recently confirmed this information and said unauthenticated users/services can no longer request another user's public information by email.

Earlier this month, the infamous ShinyHunters cybercriminal group allegedly leaked 33 million phone numbers related to Twilio-owned Authy on a hacking forum via the data breach of the two-factor authentication app they own. Hackers were able to verify the phone numbers of Authy users by exploiting an unsecured API endpoint.

Another recent API endpoint exploit is the now-patched CVE-2024-37032 Ollama vulnerability, which permitted unauthorized remote code execution. Insufficient validation on the server side of the Ollama REST API enables a potential attacker to send specially crafted HTTP requests to the Ollama API server, which is publicly exposed in Docker installations.

Add a Comment
Related
An abstract image of a data breach settlement with digital currency symbols representing compensation
Cadence Bank Reaches $5.25 Million MOVEit Data Breach Settlement with Claims up to $10,000
Hacker - Control Room - Nodes
Threat Actor Claims Breach of Bahrain National Security Agency, Targets Email Server Infrastructure
Alleged BookMyForex Incident Prompts YES Bank Card Blocks; Company Denies Data Breach
Data breach carried out by anonymous malicious hackers
CarGurus Data Breach Exposes 12.5 Million User Records in Alleged ShinyHunters Compromise
data breach
Cornwall Council Data Breach Exposes Unredacted Complainant PIIs
France Flag - Government Building - Police Car
French Government Discloses Major National Bank Account Registry Breach
Most Popular
45,000 Malicious IPs Dismantled by INTERPOL in Global Operation that Resulted in Over 90 Arrests
XWorm RAT Dominates the Malware-as-a-Service Landscape with 174% Increase in Detections
School - Students - Building
Hanover County Public Schools Investigates Major ‘Data Incident’ That Disrupted Internet Access and Systems
SocksEscort Cybercrime Proxy Network Taken Down in Operation Lightning, Tens of Servers and Domains Seized
Hacker - Formal - Employee - Insider - Office
Former Employee of Cybersecurity Companies Charged in ALPHV (BlackCat) Ransomware Extortion Case
ambulance
Bell Ambulance Breach Exposes Almost 240,000 Patients’ Data, Medusa Ransomware Claims Incident
45,000 Malicious IPs Dismantled by INTERPOL in Global Operation that Resulted in Over 90 Arrests
XWorm RAT Dominates the Malware-as-a-Service Landscape with 174% Increase in Detections
Hanover County Public Schools Investigates Major ‘Data Incident’ That Disrupted Internet Access and Systems
SocksEscort Cybercrime Proxy Network Taken Down in Operation Lightning, Tens of Servers and Domains Seized
Former Employee of Cybersecurity Companies Charged in ALPHV (BlackCat) Ransomware Extortion Case
Bell Ambulance Breach Exposes Almost 240,000 Patients’ Data, Medusa Ransomware Claims Incident

Most Popular
45,000 Malicious IPs Dismantled by INTERPOL in Global Operation that Resulted in Over 90 Arrests
XWorm RAT Dominates the Malware-as-a-Service Landscape with 174% Increase in Detections
School - Students - Building
Hanover County Public Schools Investigates Major ‘Data Incident’ That Disrupted Internet Access and Systems
SocksEscort Cybercrime Proxy Network Taken Down in Operation Lightning, Tens of Servers and Domains Seized
Hacker - Formal - Employee - Insider - Office
Former Employee of Cybersecurity Companies Charged in ALPHV (BlackCat) Ransomware Extortion Case
ambulance
Bell Ambulance Breach Exposes Almost 240,000 Patients’ Data, Medusa Ransomware Claims Incident
45,000 Malicious IPs Dismantled by INTERPOL in Global Operation that Resulted in Over 90 Arrests
XWorm RAT Dominates the Malware-as-a-Service Landscape with 174% Increase in Detections
Hanover County Public Schools Investigates Major ‘Data Incident’ That Disrupted Internet Access and Systems
SocksEscort Cybercrime Proxy Network Taken Down in Operation Lightning, Tens of Servers and Domains Seized
Former Employee of Cybersecurity Companies Charged in ALPHV (BlackCat) Ransomware Extortion Case
Bell Ambulance Breach Exposes Almost 240,000 Patients’ Data, Medusa Ransomware Claims Incident

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2026 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: