Further Down the Trello Rabbit Hole

Credit to Author: BrianKrebs| Date: Wed, 06 Jun 2018 14:45:13 +0000

Last month’s story about organizations exposing passwords and other sensitive data via collaborative online spaces at Trello.com only scratched the surface of the problem. A deeper dive suggests a large number of government agencies, marketing firms, healthcare organizations and IT support companies are publishing credentials via public Trello boards that quickly get indexed by the major search engines.

Read more

When Your Employees Post Passwords Online

Credit to Author: BrianKrebs| Date: Wed, 02 May 2018 19:26:47 +0000

Storing passwords in plaintext online is never a good idea, but it’s remarkable how many companies have employees who are doing just that using online collaboration tools like Trello.com. Last week, KrebsOnSecurity notified a host of companies that employees were using Trello to share passwords for sensitive internal resources. Among those put at risk by such activity included an insurance firm, a state government agency and ride-hailing service Uber.com.

Read more