Skip to main content
  1. Home
  2. Computing
  3. News

U.N. security blunder left secret Trello boards, Google Docs exposed

Jon Martindale
By
Image used with permission by copyright holder

Secretive documents related to the United Nations were left vulnerable to unauthorized access by anyone who stumbled upon the right link, after Trello, Jira, and Google Docs accounts were left improperly configured by staffers. The security gaffe left passwords, organizational documents, and security plans belonging to governments of the United Kingdom and Canada open to the web.

Maybe they should have read our guide on how to use Google Docs.

Recommended Videos

Although each of the unsecured documents did require a unique URL in order to be accessed, that proved far from an effective protective measure when security researcher Kushagra Pathank discovered links to a U.N.-controlled Trello organizational board. In that tool’s ‘card’ system, he went on to find other links to other documents that lead to Google documents and U.N. pages on Jira, an issue-tracking service. These in turn had more links, all of which contained sensitive information. In total, Pathank discovered some 50 boards and documents that he was able to access because of the lack of security options implemented during their setup.

Related

Some of the information he was eventually able to glean from these documents included access to a remote U.N. FTP server, credentials to log in to a Google and Vimeo account associated with the U.N.’s language and learning program, remote access information for certain U.N.-linked meetings, and detailed information about the U.N. website and its development.

Pathak contacted the U.N. in late August to inform it of the issue. Although, as The Intercept highlights, the organization’s technical department ran into some problems replicating the issue, much of the sensitive content has now been taken down or protected behind security credentials. In a statement to The Intercept, a U.N. spokesperson said that all relevant staff had been warned about trusting third-party tools and services with sensitive information and that they should make necessary precautions to protect such data in the future.

Despite rhetoric to the contrary, Pathak believes that much of these latest security concerns arose simply because leaving boards unsecured is easier than securing them. By not adding users to boards and locking them to authorized accounts only, U.N. staffers were able to share URLs in order to give others access. “Adding people to the board seems to be a huge task for these people, but in fact it is really easy,” Pathak said in a statement.

Editors' Recommendations

Topics
Jon Martindale
Jon Martindale
Computing Coordinator
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
Get this Asus laptop with a year of Microsoft Office for $199
asus vivobook go laptop deal amazon march 2024 lifestyle

You don't need to spend several hundreds of dollars on a new laptop that you'll use as a productivity tool because there are budget-friendly options like the Asus Vivobook Go L510MA. It's actually currently even cheaper from Walmart after an $80 discount, which brings its price down to just $199 from $279 originally. There's no telling how much time is remaining before the offer expires though, so if you want to take advantage of it, you're going to have to proceed with the purchase as soon as possible.

Why you should buy the Asus Vivobook Go L510MA
For a laptop that will be able to handle basic activities like doing online research, building reports, and browsing social media, you can't go wrong with the Asus Vivobook Go L510MA. It's equipped with the Intel Pentium Silver N5030 processor and 4GB of RAM, which are a far cry from the specifications of the best laptops, but it will be enough for simple tasks. The device also comes with a 15.6-inch screen with Full HD resolution, which is pretty large and sharp for its price, but it's still portable as it only weights about 3.5 pounds with a thickness of just 0.72 of an inch.

Read more
These are the 10 best gaming PCs I’d recommend to anyone
Graphics card in the CLX Hathor PC.

We review dozens of gaming PCs each year. In 2024, there are a ton of great options, but we've narrowed them down to a list of the 10 best gaming desktops that deserve your hard-earned money.

In 2024, we still recommend the Alienware Aurora R16 because of its fantastic design, solid performance, and decent value. However, there are several other options depending on your needs and budget. If you want a deeper look into how we evaluate gaming PCs, make sure to read about how we review desktops.

Read more
Samsung’s crazy 57-inch curved 4K monitor is $700 off today
The Samsung Odyssey Neo G9 57-inch mini-LED gaming monitor placed on a desk.

Your investment in gaming PC deals will  go to waste if you don't upgrade your screen, and if you're willing to splurge for the best possible gaming experience, you'll want to go for the 57-inch Samsung Odyssey Neo G9 curved gaming monitor. It's pretty expensive at its original price of $2,500, so you're going to want to take advantage of any discounts that are available. Fortunately, Samsung has slashed its price by $700 so it's down to $1,800 -- it's still not cheap, but once you're playing your favorite games on this monitor, you'll quickly understand why it's worth every single penny.

Why you should buy the 57-inch Samsung Odyssey Neo G9 curved gaming monitor
The Samsung Odyssey Neo G9 curved gaming monitor features a 57-inch screen with dual 4K Ultra HD resolution and a 1000R curvature, so it will fully immerse you in the worlds of the video games that you play with its lifelike details and vivid colors. It also supports HDR 1000 for better visual accuracy, and it uses Quantum Matrix technology for controlled brightness and improved contrast.

Read more