- ASANA AI-driven tool had an error that exposed user data to other users
- It was fixed after a month but users should be on their guard
Popular Project Management Platform Asana warns users a newly introduced tool may have leaked their data to others on the service
Research from Security Expert Upguard, noticed in early May 2025, introduced the ASANA Model Context Protocol (MCP) server, a tool that lets AI products such as chatgpt or copilot interact with Asana’s work graph.
This allows users to ask information using natural language, manage their tasks and projects using AI and get real-time updates using the MCP standard.
A month of leaks
However, the tool was implemented with an error that exposed data from ASANA deposits to other MCP users.
However, not all data was exposed to as they were limited to each user’s access area.
Given that many companies rely on Asana when managing important tasks and large projects could mean that sensitive information was leaked (such as project metadata, team details, discussions, uploaded files and the like).
Asana apparently discovered the error on June 4, which means the platform leaked data for a month – the company sends messages with links to communication forms to affected organizations, but apart from it remains relatively silent on the case.
We do not know if any users suffered any meaningful damage as a result of this error but the company told Bleeping computer That it affected approx. 1,000 customers. It has more than 130,000 paying customers worldwide, including according to some sources, heavy meetings such as Spotify, Uber or Airbnb.
In any case, users must review asana logs for MCP access, review generated AI -Resume and report to Asana if they see information apparently come in from a separate organization.
In addition, users are advised to set LLM integration to limited access and pause auto-gene connections and bot pipes at the moment.
