ADVERTISEMENT

ClickUp vulnerability exposed 893 customer email addresses and one token

A security researcher claims to have obtained the email addresses of 959 of the project management platform ClickUp’s customers, including employees from Fortune 500 companies and government agencies. All it reportedly took was sending a single HTTP GET request to exploit a hardcoded API key. ClickUp acknowledged the incident.

clickup

Image by Shutterstock

Ernestas Naprys
Ernestas Naprys Senior Journalist
Apr 28, 2026 Updated: 29 April 2026 3 min read
leaking-data-clickup
Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Add us as your Preferred Source on Google.
ADVERTISEMENT

ClickUp acknowledged it’s on them

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites

ADVERTISEMENT