Particle.news
Download on the App Store
3 ARTICLES
·
4h ago

Asana Restores AI Integration Server After Customer Data Leak

Asana has notified around 1,000 customers to audit their integration logs as it finalizes its incident report.

What to know about the Asana bug.
Image

Overview

  • A logic flaw in Asana’s Model Context Protocol server exposed data scoped to each user’s permissions between May 1 and June 4.
  • Impacted information may include task details, project metadata, comments, discussions and uploaded files from other organizations.
  • Asana took the MCP server offline on June 5, implemented a code fix and resumed operations on June 17.
  • The company has sent tailored notices with communication forms to affected clients and is compiling a full report on the breach.
  • Administrators are urged to review MCP access logs and report any suspicious data to Asana immediately.