User projects/tasks added to private team upon recovery of deleted project

English Forum Tips and Tricks
, , ,
1

Upon recovering a project a user deleted, the employee was added to a DIFFERENT PRIVATE TEAM!

As an admin, I requested a project be recovered that was deleted by a member of a public team & project. Upon the support team doing so it appears that the user that deleted the project then received access to different private teams & projects within that team.

There should be a historical function or notification as an admin/owner of a team to see why or how this employee gained access to this team and/or other private projects and teams.

This is a MAJOR security flaw and has happened twice now. A project gets deleted, it is recovered by support, and that user then gets access/added to projects and teams they were never a part of!

2

Hi @anon41078894, welcome to the Asana Community Forum :wave:t2:

As we don’t have the tools available to us on the Community Team to look into this on the back end for you, I would suggest reaching back out to our Support Team. They will be able to look into the project recovery and see what happened here!

You can provide the URL link to this thread in your support request so you don’t have to explain the issue again! :slight_smile:

3

This topic was automatically closed after 6 days. New replies are no longer allowed.