Trello, the Atlassian-owned project management platform, had data from over 15 million user accounts scraped and posted for sale on a hacking forum in January 2024. A threat actor exploited a publicly accessible API endpoint, feeding email addresses from previous data breaches into it to retrieve matching Trello profile information, including names, usernames, and email addresses. Atlassian disputed calling it a breach, stating that no unauthorized system access occurred and that the data was assembled through a public-facing feature. The company subsequently restricted the relevant API endpoint. The exposed data includes names, usernames, and email addresses. While no passwords or financial data were involved, the combination of a real name tied to a confirmed email address is particularly useful for attackers. It allows them to verify the identity behind an account, making phishing attempts more convincing and targeted. No class-action litigation or regulatory enforcement action specific to this incident has been widely documented. For affected users, the practical risk is an increased likelihood of receiving personalized phishing emails or being targeted in credential stuffing attacks if their email address appears in other breaches. Users should be cautious of unsolicited emails referencing Trello or Atlassian products and consider whether their email address is associated with a strong, unique password on other services.

Project-management platforms collect user accounts, emails, team relationships, board content, task history, attachments, and workflow activity tied to collaboration and operational planning.

Trello continues to operate as part of the Atlassian portfolio. Atlassian has been consolidating its cloud product strategy and discontinuing some older server-based deployment options across its suite. Trello's development has focused on integrations and automation features. No major standalone Trello organizational changes beyond the broader Atlassian context have been prominently reported.