Government of Canada

The governments of Canada was exposed to the entire internet details of software bugs and security plans, as well as passwords for servers, official internet domains, conference calls, and an event-planning system by misconfiguring pages on Trello, a project management website.

25 Canadian government trello boards had sensitive information, such as remote file access, or FTP, credentials, and login details for the Eventbrite event-planning platform.

The government of Canada said, Departments and agencies of the Government of Canada must apply adequate security controls to protect their users, information, and assets.

Employees are being reminded of their obligation never to communicate or store sensitive information on Trello boards or any other unauthorized digital tool or service.

Source: https://theintercept.com/2018/08/16/trello-board-uk-canada/

"id": "GOV12181122",
"linkid": "government-of-canada",
"type": "Data Leak",
"date": "08/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"