<ul data-eligibleForWebStory="true"><li>Asana introduces Model Context Protocol (MCP) server tool for AI interaction in May 2025, allowing natural language queries and real-time updates.</li><li>A bug in the tool exposed Asana user data to other MCP users, potentially leaking sensitive information like project metadata and team details.</li><li>The bug was discovered on June 4 after leaking data for a month, affecting around 1,000 customers out of Asana's 130,000 paying customers worldwide.</li><li>Asana is sending notices to impacted organizations and advising users to review logs for MCP access and set restrictions on integrations for safety.</li></ul>

Asana admits one of its AI features might have exposed your data to other users

Discover more