Digital Trends
Computing

U.N. security blunder left secret Trello boards, Google Docs exposed

Jon Martindale
By
trello google docs un trellosecurity

Secretive documents related to the United Nations were left vulnerable to unauthorized access by anyone who stumbled upon the right link, after Trello, Jira, and Google Docs accounts were left improperly configured by staffers. The security gaffe left passwords, organizational documents, and security plans belonging to governments of the United Kingdom and Canada open to the web.

Maybe they should have read our guide on how to use Google Docs.

Although each of the unsecured documents did require a unique URL in order to be accessed, that proved far from an effective protective measure when security researcher Kushagra Pathank discovered links to a U.N.-controlled Trello organizational board. In that tool’s ‘card’ system, he went on to find other links to other documents that lead to Google documents and U.N. pages on Jira, an issue-tracking service. These in turn had more links, all of which contained sensitive information. In total, Pathank discovered some 50 boards and documents that he was able to access because of the lack of security options implemented during their setup.

Some of the information he was eventually able to glean from these documents included access to a remote U.N. FTP server, credentials to log in to a Google and Vimeo account associated with the U.N.’s language and learning program, remote access information for certain U.N.-linked meetings, and detailed information about the U.N. website and its development.

Pathak contacted the U.N. in late August to inform it of the issue. Although, as The Intercept highlights, the organization’s technical department ran into some problems replicating the issue, much of the sensitive content has now been taken down or protected behind security credentials. In a statement to The Intercept, a U.N. spokesperson said that all relevant staff had been warned about trusting third-party tools and services with sensitive information and that they should make necessary precautions to protect such data in the future.

Despite rhetoric to the contrary, Pathak believes that much of these latest security concerns arose simply because leaving boards unsecured is easier than securing them. By not adding users to boards and locking them to authorized accounts only, U.N. staffers were able to share URLs in order to give others access. “Adding people to the board seems to be a huge task for these people, but in fact it is really easy,” Pathak said in a statement.

Editors' Recommendations

Don't Miss

From Chromebooks to MacBooks, here are the best laptop deals for March 2019
Up Next

Back for the boardroom, Microsoft outlines the future of the Surface Hub
Gate Smart Lock
Product Review

Gate’s Smart Lock is locked and loaded but ultimately lacks important basics

In a world of video cameras and doorbells comes the Gate Smart Lock, a lock with a video camera embedded. It’s a great idea, but lacks some crucial functionality to make it a top-notch product.
Posted By Terry Walsh
every exclusive game in the epic games store
Gaming

Here's a look at how the Epic Games Store is sizing up to the competition

The Epic Games Store has picked up exclusives left and right since its launch last December. From AAA games like The Division 2 to wonderful indies like Hades, the Epic Games store has an impressive library of exclusives.
Posted By Steven Petite
Computing

Changing a PDF into an EPUB file is easier than you might think

If you like to read on a tablet or ebook reader, you'll find that ePUB files offer a number of advantages over PDFs. With this guide, we'll show you how to convert a PDF to EPUB in a few quick steps.
Posted By Jon Martindale
Bixby
Mobile

How to disable Bixby Home on Samsung Galaxy smartphones

Samsung's Bixby virtual assistant can be helpful, but Bixby Home, which sits on the left of the home screen, hardly offers any kind of value. If you're annoyed by its existence, here's how to disable Bixby Home.
Posted By Julian Chokkattu
best 2-in-1 laptops
Computing

Tablet or notebook? Our favorite 2-in-1 PCs give you the best of both worlds

If you can’t decide if you need a tablet or a notebook, then don’t bother. The best 2-in-1 laptops are both, and they can provide all the power you need. Check out our list for the best 2-in-1s for any user.
Posted By Mark Coppock
google unveils stadia streaming service gdc news stage
Computing

How the Google Stadia could lead to a new era of multi-GPU gaming

Google's Stadia could use more than one graphics card to deliver the high-performance visuals it's promised. If that leads to better developer support for multi-GPUs, could that mean gaming with two or more graphics cards could finally be…
Posted By Jon Martindale
intel provides peek at what arctic sound gpu could look like 4
Computing

Intel gives a peek at what its Arctic Sound GPU could look like

A new set of concept images shown at GDC 2019 is providing a peek at what Intel's upcoming modern discrete GPU, code-named. Arctic Sound, could end up looking like when released in 2020.
Posted By Arif Bacchus
Lenovo Chromebook C330
Deals

Here are the best Chromebook deals available in March 2019

Whether you want a compact laptop to enjoy some entertainment on the go, or you need a no-nonsense machine for school or work, we've smoked out the best cheap Chromebook deals -- from full-sized laptops to 2-in-1 convertibles -- that won't…
Posted By Lucas Coll
best cheap laptop deals
Deals

From Chromebooks to MacBooks, here are the best laptop deals for March 2019

Whether you need a new laptop for school or work or you're just doing some post-holiday shopping, we've got you covered: These are the best laptop deals going right now, from discounted MacBooks to on-the-go gaming PCs.
Posted By Lucas Coll
how to make windows 10 look like 7 cropped wallpaper
Computing

Still miss Windows 7? Here's how to make Windows 10 look more like it

There's no simple way of switching on a Windows 7 mode in Windows 10. Instead, you can install third-party software, manually tweak settings, and edit the registry. We provide instructions for using these tweaks and tools.
Posted By Kevin Parrish
How to uninstall a program in Windows 10
Computing

Go hands-free in Windows 10 with speech-to-text support

Looking for the dictation, speech-to-text, and voice control options in Windows 10? Here's how to set up Speech Recognition in Windows 10 and use it to go hands-free in a variety of different tasks and applications within Windows.
Posted By Tyler Lacoma
how to adjust high-DPI scaling in Windows 10
Computing

Get the most out of your high-resolution display by tweaking its DPI scaling

Windows 10 has gotten much better than earlier versions at supporting today's high-resolution displays. If you want to get the best out of your monitor, then check out our guide on how to adjust high-DPI scaling in Windows 10.
Posted By Mark Coppock
usb c power bank graphene battery pack
Mobile

Got gadgets galore? Keep them charged up with the 10 best USB-C cables

We're glad to see that USB-C is quickly becoming the norm. That's why we've rounded up some of the better USB-C cables on the market, whether you're looking to charge or sync your smartphone. We've got USB-C to USB-C and USB-C to USB-A.
Posted By Simon Hill
Google Pixelbook android apps
Deals

Looking for a Chromebook? The Google PixelBook just got a $200 price cut

Once relatively obscure, Chromebooks have come into their own in a big way in recent years. One of our favorites is the super-sleek Google Pixelbook, and it's on sale right now from Amazon for $200 off, letting you score this premium laptop…
Posted By Lucas Coll