A flaw in the Trello online management, passwords from dozens of public Trello boards may now be mined using a straightforward dork query.
The personal information of millions of users, including credentials, private information, and project-reserved information, could be compromised.
Along with discovering that around forty companies were leaking extremely sensitive information, Kushagra Pathak also disclosed the Trello vulnerability to them swiftly despite the task being extremely difficult and time-consuming. Kushagra Pathak is a certified ethical hacker.
The sole ironic aspect of this tale is that it has been simple to locate the appropriate person or email correspondence because everyone is listed on Trello Boards.
Source: https://securityaffairs.com/72380/data-breach/trello-data-leak.html
"id": "TRE416251223",
"linkid": "trello",
"type": "Data Leak",
"date": "05/2018",
"severity": "50",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"