I can understand why you might be concerned about the security of your data on Trello, but I want to clarify that Trello itself does not steal data. The issue here is that Trello had a vulnerability that allowed users to inadvertently expose their personally identifiable information (PII) data if they made their Trello boards “public”.
Let me explain in more detail. Trello is a popular app that allows users to create and manage personalized to-do lists and coordinate tasks with their teams. By default, Trello boards are set to private, meaning only the user and those they invite to collaborate can access the board. However, users have the option to make their boards public, which means anyone with the board’s URL can view its content.
The problem arose when users made their Trello boards public without realizing that it could expose sensitive information. In this case, their PII data, such as names, email addresses, and potentially even more sensitive information, could be accessed by anyone who stumbled upon their publicly shared Trello board.
This vulnerability was not a result of Trello intentionally stealing data. It was more of a user error or oversight, where individuals unknowingly made their private information public. It’s important to note that Trello has since addressed this issue and implemented changes to prevent these unintended data exposures.
As a cybersecurity professional, I always recommend being cautious when sharing personal or sensitive information online. It’s crucial to understand the privacy settings and security features of any online platform or application you use. In the case of Trello, it’s advisable to keep your boards set to private unless you specifically need to share them with others.
To summarize, Trello itself does not steal data. However, there was a vulnerability that allowed users to inadvertently expose their PII data if they made their Trello boards public. This issue has been addressed by Trello, but it serves as a reminder to always be mindful of our online privacy and take necessary precautions to protect our personal information.