Trello Security in 2026: the Data Leak Risk your IT Team is not Watching

In January 2024, a threat actor operating under the name “emo” exploited an unauthenticated Trello REST API endpoint to scrape and correlate the account data of 15,115,516 users. The scraped dataset, containing email addresses, full names, usernames and account information, was subsequently listed for sale on a dark web hacking forum and published as a 21.1GB file, where it was indexed by Have I Been Pwned and has since been used in targeted phishing campaigns. Atlassian closed the unauthenticated API endpoint. The data remains in circulation.

The API scraping incident is the most visible Trello security story of the past two years, but it is not the primary Trello exposure risk that CybelAngel detects in practice. The more persistent problem is older, simpler and entirely within the control of the organisations it affects: employees and contractors using public Trello boards to share credentials, API keys, internal documentation and personally identifiable information, with the board’s visibility set to public, indexed by Google, and accessible to anyone who finds it.

Trello has more than 50 million users globally and is used by more than 3,000 companies as a project management and collaboration platform. The default setting for a new board is private. The problem is not the default. It is the number of users who change it, intentionally or accidentally, and then share sensitive data on a board that the entire internet can read.

The 2024 Trello breach: what actually happened

Understanding the 2024 incident is important context for 2026 because it illustrates the structural risk that Trello’s architecture creates, independent of any individual user’s behaviour. The Trello REST API contained an endpoint that accepted an email address as a query parameter and returned the associated Trello user’s public profile information, including username, full name and account details, without requiring any authentication. An attacker with a list of email addresses from prior breach compilations could query this endpoint at scale, correlating email addresses to Trello accounts and building a combined dataset of significantly higher value than either source alone.

“Emo” queried the endpoint against a list of approximately 500 million email addresses from prior breaches, identifying 15.1 million that matched active Trello accounts, and compiled the results into a dataset that was listed for sale in January 2024 and published in full in July 2024. Atlassian’s position was that no unauthorised access had occurred because the API endpoint was publicly accessible by design, and that the data returned was technically public information. That position is technically accurate and operationally irrelevant: the data is on dark web forums, indexed and searchable, and it has been used to generate targeted phishing campaigns against Trello users at corporate email addresses ever since.

The practical consequence for IT and security teams in 2026 is that 15.1 million email-to-Trello-account mappings are available to any threat actor building a phishing campaign. If your employees use Trello for work projects, their corporate email addresses are in that dataset. The phishing emails that follow reference Trello specifically, creating a plausible pretext that significantly increases click-through rates compared with generic phishing templates.

What security teams find on public Trello boards in 2026

Public board exposure is the monitoring gap that external attack surface management is specifically designed to close. CybelAngel scans public collaboration platforms, code repositories, paste sites and the broader public web continuously for references to monitored organisation names, domain names and sensitive data patterns, detecting exposures across the external attack surface before they are found by threat actors.

The categories of sensitive data CybelAngel’s platform detects on public Trello boards fall into five consistent patterns:

  • Login credentials. How it appears on Trello: username and password combinations stored on cards as plain text, often for internal systems, shared WiFi networks, corporate VPNs or third-party SaaS platforms. Risk if accessed by a threat actor: direct account access to corporate systems, VPNs and SaaS platforms without any technical exploitation required.
  • API keys and tokens. How it appears on Trello: developers storing API keys, access tokens, OAuth credentials and service account secrets on Trello cards for easy team access. Risk if accessed by a threat actor: unauthorised access to connected APIs, cloud services and third-party integrations; potential for data exfiltration or service abuse.
  • Personally identifiable information. How it appears on Trello: customer names, email addresses, phone numbers and internal contact lists stored on project boards for operational convenience. Risk if accessed by a threat actor: GDPR and CCPA violation exposure; data available for phishing, identity theft and targeted social engineering campaigns.
  • Internal documentation. How it appears on Trello: project briefs, meeting notes, commercial strategy documents, onboarding materials and internal process documentation stored as card attachments. Risk if accessed by a threat actor: competitive intelligence theft; exposure of business strategy, client lists and internal operational data to competitors or threat actors.
  • Network and infrastructure details. How it appears on Trello: server names, IP addresses, network topology diagrams, system architecture notes and internal URL structures shared during technical projects. Risk if accessed by a threat actor: infrastructure reconnaissance that informs subsequent intrusion attempts; maps internal systems before an attacker reaches the network.
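The five categories above are what a detection rule set has to recognise in free-form card text. As an added example that is not CybelAngel's detection logic and not code from the original article, the following Python scans the name and description of exported Trello cards with one heuristic pattern per category, and redacts matched values so the resulting alert can quote the card without re-exposing the secret. The sample cards, the regexes and the function names are all my own constructions; the AWS key ID is Amazon's documented example value, not a live credential.

```python
import re

# Constructed sample cards, in the shape Trello's JSON export uses for a
# card's "name" and "desc"; none of these values come from a real board.
SAMPLE_CARDS = [
    {"id": "c1", "name": "Guest WiFi", "desc": "SSID: Office-Guest\npassword: Welcome2024!"},
    {"id": "c2", "name": "Deploy notes", "desc": "AWS key AKIAIOSFODNN7EXAMPLE for the staging bucket"},
    {"id": "c3", "name": "Client list Q3", "desc": "jane.doe@example.com, +44 20 7946 0958"},
    {"id": "c4", "name": "Infra", "desc": "jump host 10.20.30.40, intranet at https://wiki.corp.example.internal"},
    {"id": "c5", "name": "Sprint retro", "desc": "Discuss velocity and blockers."},
    {"id": "c6", "name": "Pricing", "desc": "CONFIDENTIAL: FY27 pricing strategy, do not distribute"},
]

# One heuristic per category from the table. These are patterns chosen for
# this example, not an exhaustive or vendor rule set.
PATTERNS = {
    # key/value pairs such as "password: ..." or "pwd=..."
    "credentials": re.compile(r"\b(?:password|passwd|pwd)\s*[:=]\s*\S+", re.I),
    # AWS access key IDs plus OpenAI-style and GitHub-style token prefixes
    "api_keys": re.compile(r"\b(?:AKIA[0-9A-Z]{16}|sk-[A-Za-z0-9_-]{20,}|ghp_[A-Za-z0-9]{36})\b"),
    # e-mail addresses and international-format phone numbers
    "pii": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+|\+\d[\d\s().-]{8,}\d"),
    # confidentiality markings that usually accompany internal documents
    "internal_docs": re.compile(r"\b(?:confidential|internal only|do not distribute)\b", re.I),
    # IPv4 addresses and URLs on internal-looking top-level labels
    "infrastructure": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b|https?://[\w.-]+\.(?:internal|local|corp)\b", re.I),
}


def classify_card(text: str) -> set:
    """Return the set of categories whose heuristic matches anywhere in the text."""
    return {name for name, rx in PATTERNS.items() if rx.search(text)}


def redact(text: str) -> str:
    """Mask every match so an alert can quote the card without re-exposing it."""
    for name, rx in PATTERNS.items():
        text = rx.sub(f"[REDACTED {name}]", text)
    return text


def scan_board(cards) -> list:
    """Scan each card's name and description; one finding per card with any hit."""
    findings = []
    for card in cards:
        text = f"{card.get('name', '')}\n{card.get('desc', '')}"
        categories = classify_card(text)
        if categories:
            findings.append({
                "card": card["id"],
                "categories": sorted(categories),
                "excerpt": redact(text).replace("\n", " | "),
            })
    return findings


if __name__ == "__main__":
    for finding in scan_board(SAMPLE_CARDS):
        print(f"{finding['card']}: {', '.join(finding['categories'])} -> {finding['excerpt']}")
```

Run against a real export, the same function would take the `cards` array of a board's JSON export; the point of `redact` is that the alert itself must not become a second copy of the exposed value.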

The University of Washington, the United Nations and multiple US federal contractors have all had sensitive data exposed on public Trello boards in documented incidents since 2020. These are not organisations with weak security cultures; they are organisations where individual users made a configuration decision that their IT teams did not know about, could not monitor through internal tools, and discovered only when a security researcher or an attacker found the board externally.

Why internal security tools cannot detect this

Public Trello board exposure is structurally invisible to the monitoring tools that most organisations deploy internally. A data loss prevention tool monitors data moving through corporate email gateways, endpoint agents and sanctioned cloud applications. It does not monitor data entered into a personal Trello account by an employee who is using their own browser on a corporate device, because the data never passed through a monitored channel. A CASB monitors access to known cloud applications from corporate infrastructure. It does not monitor what data an employee stores on a board that is set to public visibility after they access the platform. An endpoint agent monitors application behaviour and file system activity. It does not monitor the content of browser-based form entries on a project management platform.

The practical consequence is that public Trello board exposure can persist for months or years before detection. The board is not flagged by any internal alert. The data remains accessible. And because Google indexes public Trello boards, the data becomes progressively more discoverable over time as search crawlers index additional pages and the board accumulates more content.

This is the monitoring gap that external attack surface management is specifically designed to close. CybelAngel scans public Trello boards continuously for references to monitored organisation names, domain names, product identifiers and sensitive data patterns, detecting exposures as they become public rather than months after they have been indexed and potentially accessed by external parties.

The shadow IT and Shadow AI dimension in 2026

The Trello exposure problem in 2026 has expanded well beyond employees storing passwords carelessly. The rapid adoption of AI tools in everyday project work has created a new category of exposure that most organisations have not yet built governance around.

Employees are now using Trello to coordinate AI-assisted workflows, and the data that ends up on those boards is significantly more sensitive than a shared WiFi password. Common examples seen across industries include:

  • AI prompt libraries containing detailed instructions built around proprietary product information, internal processes or customer segment data
  • LLM outputs stored as reference material on cards, including generated content based on confidential briefs, competitive analysis or internal strategy documents
  • API keys for AI services including OpenAI, Anthropic, Google Gemini and Azure OpenAI, stored on boards for team access convenience
  • Source documents feeding AI tools including customer data exports, sales playbooks, market research reports and onboarding materials used as context for AI-generated content
  • Vendor and contractor coordination boards where AI tool configurations, data pipelines and access credentials are shared across team boundaries without IT visibility

The governance gap is the same as it has always been on Trello — a public visibility setting that an individual changed without understanding the consequence — but the data now sitting behind that setting is orders of magnitude more sensitive than it was five years ago. A board coordinating an AI content project in 2026 may contain the same commercial intelligence that would take a competitor months to gather independently.

How to audit your Trello exposure right now

There are four steps any security team can take immediately to reduce Trello-related exposure without waiting for a detection event.

  • Run a Google dork against your domain. Search for site:trello.com "yourdomain.com" in Google. This surfaces any public Trello board that references your organisation’s domain, which is the fastest manual method for identifying boards that may contain corporate data with public visibility. If results appear, treat each one as a potential exposure requiring immediate review. This is the same technique a threat actor would use during reconnaissance, and CybelAngel’s Google Dorks cheat sheet covers the full set of operator combinations relevant to this type of search.
  • Audit active Trello accounts across your organisation. Most organisations do not have a complete inventory of which employees have active Trello accounts, which boards those accounts are members of, or which of those boards are set to public visibility. An identity and access management audit that includes third-party SaaS platforms used without IT sanction (shadow IT) is the structural fix. Without it, the dork search is a point-in-time check that does not address the next board that is created tomorrow.
  • Review Trello’s default visibility settings with your workforce. Trello boards are private by default, but Trello workspaces have a board visibility default that administrators can set. If your Trello workspace is set to “Workspace visible” or “Public” as the default for new boards, every board created in that workspace is visible to anyone by default. Many organisations running Trello at scale have not reviewed this workspace-level setting since the account was created.
  • Implement an ongoing monitoring posture for public board exposure. A one-time audit catches boards that are already public. It does not catch the board that an employee creates next week with sensitive data and public visibility. Continuous external monitoring of code repositories, paste sites, project management platforms and collaboration tools is the only approach that closes the detection gap on an ongoing basis rather than at a point in time.
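The second and third steps (inventory the boards your accounts belong to, then check their visibility) can be scripted against Trello's own REST API with an authenticated key and token, which is a defender-side read of your own data rather than the unauthenticated endpoint discussed earlier. The following Python is an added example, not CybelAngel's platform code or anything from the original article. It reads `GET /1/members/me/boards` (or `GET /1/organizations/{id}/boards` for a whole workspace when the token belongs to a workspace admin) with `fields=name,url,closed,prefs` and reports every board whose `prefs.permissionLevel` is not `private`. The sample response, the board ids and URLs, and the environment variable names are constructed for this example.

```python
import json
import os
import urllib.parse
import urllib.request
from typing import Optional

TRELLO_API = "https://api.trello.com/1"

# Constructed sample in the shape Trello returns for
# GET /1/members/me/boards?fields=name,url,closed,prefs
# The ids and URLs are placeholders, not real boards.
SAMPLE_BOARDS = json.loads("""[
  {"id": "b1", "name": "Marketing launch", "url": "https://trello.com/b/EXAMPLE01", "closed": false, "prefs": {"permissionLevel": "public"}},
  {"id": "b2", "name": "Sprint 42", "url": "https://trello.com/b/EXAMPLE02", "closed": false, "prefs": {"permissionLevel": "private"}},
  {"id": "b3", "name": "Vendor onboarding", "url": "https://trello.com/b/EXAMPLE03", "closed": false, "prefs": {"permissionLevel": "org"}},
  {"id": "b4", "name": "Old campaign", "url": "https://trello.com/b/EXAMPLE04", "closed": true, "prefs": {"permissionLevel": "public"}}
]""")

# Values Trello uses in prefs.permissionLevel, widest audience first.
SEVERITY = {"public": 0, "org": 1, "private": 2}


def fetch_boards(api_key: str, token: str, workspace_id: Optional[str] = None) -> list:
    """Authenticated read of boards from the Trello REST API.

    Without workspace_id this lists the boards of the account that owns the
    token; with one it lists the boards of that workspace (complete only when
    the token's user is a workspace admin).
    """
    path = f"/organizations/{workspace_id}/boards" if workspace_id else "/members/me/boards"
    query = urllib.parse.urlencode(
        {"fields": "name,url,closed,prefs", "key": api_key, "token": token}
    )
    with urllib.request.urlopen(f"{TRELLO_API}{path}?{query}", timeout=30) as resp:
        return json.load(resp)


def audit_boards(boards: list) -> list:
    """Return every board wider than private, widest first.

    Archived boards are kept: "closed" is a separate flag from
    permissionLevel, so an archived board that is still public is a finding.
    A board with no readable permissionLevel is reported as "unknown" and
    sorted to the top rather than silently assumed private.
    """
    flagged = [
        {
            "id": b["id"],
            "name": b.get("name", ""),
            "url": b.get("url", ""),
            "closed": bool(b.get("closed")),
            "visibility": b.get("prefs", {}).get("permissionLevel", "unknown"),
        }
        for b in boards
        if b.get("prefs", {}).get("permissionLevel") != "private"
    ]
    return sorted(flagged, key=lambda f: SEVERITY.get(f["visibility"], 0))


def summarize(boards: list) -> dict:
    """Count boards per visibility level, for the inventory step."""
    counts = {}
    for b in boards:
        level = b.get("prefs", {}).get("permissionLevel", "unknown")
        counts[level] = counts.get(level, 0) + 1
    return counts


if __name__ == "__main__":
    # TRELLO_KEY, TRELLO_TOKEN and TRELLO_WORKSPACE_ID are variable names chosen
    # for this example; without them the constructed sample is audited instead.
    key, token = os.environ.get("TRELLO_KEY"), os.environ.get("TRELLO_TOKEN")
    boards = fetch_boards(key, token, os.environ.get("TRELLO_WORKSPACE_ID")) if key and token else SAMPLE_BOARDS
    print("visibility counts:", summarize(boards))
    for f in audit_boards(boards):
        status = "archived" if f["closed"] else "active"
        print(f"{f['visibility']:<8} {status:<8} {f['name']} {f['url']}")
```

Scheduling this read daily and diffing the output against the previous run turns the one-time audit into the ongoing check the fourth step asks for, at least for boards your own accounts can see; boards created under personal accounts outside the workspace remain invisible to it, which is the gap external monitoring fills. The workspace-level default mentioned in step three is exposed on the organization object's `prefs` as well (as I read Trello's API reference; verify the exact field before relying on it).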

CybelAngel’s data breach prevention platform monitors Trello continuously alongside GitHub, paste sites, dark web markets and the broader public web, alerting security teams when organisation-sensitive data appears in public locations before that data can be accessed, indexed or exfiltrated by external parties. The alert includes the specific board, the specific data type detected, and the recommended remediation action.

Frequently asked questions

Atlassian, which owns Trello, stated that no unauthorised access to its systems occurred in the 2024 incident. A threat actor exploited a publicly accessible Trello REST API endpoint that accepted email addresses as query parameters and returned user profile information without requiring authentication. By querying this endpoint against a list of approximately 500 million email addresses from prior breaches, the attacker identified 15.1 million active Trello accounts and compiled the results into a dataset that was sold and subsequently published on dark web forums. Atlassian closed the unauthenticated endpoint following the incident, but the scraped data remains in circulation and has been indexed by breach notification platforms including Have I Been Pwned.

In Trello, open the board you want to check and click on the board’s name or the three-dot menu at the top right. Select “Change Visibility” to see the current setting. The three options are Private (only board members can see it), Workspace (members of your Trello workspace can see it), and Public (anyone on the internet can view it). If your board is set to Public, it is indexed by Google and accessible to any visitor without an account. Check your workspace’s default visibility setting in the workspace settings, as this determines the default for every new board created in that workspace.
CybelAngel’s monitoring of public Trello boards identifies five consistent categories of sensitive data: login credentials including usernames and passwords for corporate systems and SaaS platforms, API keys and authentication tokens stored for team access convenience, personally identifiable information including customer contact data, internal project documentation and commercial strategy materials, and network and infrastructure details including server names, IP addresses and system architecture notes. In every case, the data was placed on a public board by someone who either did not realise the board was publicly accessible or did not recognise the data as sensitive enough to require protection.

Yes. Google indexes public Trello boards as part of its standard web crawling, which means any data stored on a public board can appear in Google search results. A search for site:trello.com "yourdomain.com" will return any public Trello boards that reference your organisation’s domain. Security researchers and threat actors use exactly this technique during external reconnaissance. The longer a public board containing sensitive data has been live, the more thoroughly it will have been indexed and cached, meaning that taking the board private or deleting it after discovery does not guarantee the data is no longer accessible through cached search results.

CybelAngel’s external attack surface monitoring continuously scans public Trello boards for references to monitored organisation names, domain names, product identifiers and data patterns associated with sensitive information categories. When a public board is detected that contains data matching a monitored organisation’s profile, the platform generates a specific alert identifying the board URL, the data type detected, and the recommended remediation action. Detection is continuous rather than periodic, which means boards created today are flagged as they become publicly accessible rather than discovered in a quarterly audit. The platform covers Trello alongside GitHub, paste sites, dark web markets and the broader public web as part of an integrated external threat monitoring posture.

About the author