Security News > 2020 > January > Regus spills data of 900 staff on Trello board set to ‘public’
Another company has ended up accidentally spilling sensitive data from business collaboration tool Trello.
According to a Daily Telegraph report, the company that put the boot to its own throat this time is office space company Regus, which posted performance ratings of 900 managers to a public Trello board.
Trello boards have three visibility settings: Private, Team, and Public.
It seems the Regus parent company IWG carried out covert video assessments using researchers from a company called Applause posing as clients looking for office space.
Because search engines index public Trello boards that meant that anyone with a browser could, in theory, see the data, which included names, addresses, performance ratings, and company training videos.