United Nations Data Breach: Hackers Obtained Employee Login From Dark Web, Are Executing Ongoing Attacks on UN Agencies

...

The data breach was detected and reported to the UN by outside firm Resecurity®, and there is some debate between the two about exactly what was stolen. The UN claims the attackers have only taken screenshots of the internal network. Resecurity®, which was rebuffed by the UN upon offering assistance, says that it has evidence that information has been exfiltrated in the data breach. Resecurity® also claims that at least 53 UN accounts have been targeted with additional attacks since the data breach began. CNN is reporting that “multiple” other security firms detected the data breach and attempted to warn the UN about it, but the UN claims that it had already detected the breach and was taking steps to mitigate it before it was contacted by any outside parties.

The Umoja account that was originally compromised did not have multi-factor authentication enabled; the Umoja website says that the service added that option when it moved to Microsoft Azure in July, a little too late to help the UN... Please continue the article at the source