- The tool with AI AI had an error that exposed user data to other users
- It was fixed after a month, but users should be on guard
The popular Asana Project Management Platform warns of users that a recently introduced tool may have filtered their data to others in the service
Research from UPguard security experts pointed out in early May 2025, Asana introduced the server of the Model Context (MCP) protocol, a tool that allows AI products such as Chatgpt or Copilot to interact with Asana’s work chart.
This allows users to consult information about natural language, manage their tasks and projects with the help of AI and obtain real -time updates using the MCP standard.
One month of leaks
However, the tool was implemented with an error that exposed asana instances data to other MCP users.
However, not all data were exposed, since it was limited to each user’s access.
Even so, since many companies trust Asana by administering important tasks and large projects, it could mean that confidential information was leaked (such as project metadata, team details, discussions, loaded and similar files).
Apparently, Asana discovered the error on June 4, which means that the platform was filtering data for a month: the company is sending notices with links to communication forms to impacted organizations, but apart from that it remains relatively silent on the matter.
We do not know if any user suffered any significant damage as a result of this defect, but the company said Bleepingcomputer which hit approximately 1,000 clients. It has more than 130,000 clients who pay worldwide, including, according to some sources, large batters such as Spotify, Uber or Airbnb.
In any case, users must review Asana records for access to MCP, review the generated summaries and inform Asana if you see the information that apparently comes from a separate organization.
In addition, users are advised to establish the integration of LLM into restricted access and pause automatic reconnections and Bot pipes for the moment.
