Back

United Nations Data Breach: Hackers Obtained Employee Login From Dark Web, Are Executing Ongoing Attacks on UN Agencies

News

...

The data breach was detected and reported to the UN by outside firm Resecurity®, and there is some debate between the two about exactly what was stolen. The UN claims the attackers have only taken screenshots of the internal network. Resecurity®, which was rebuffed by the UN upon offering assistance, says that it has evidence that information has been exfiltrated in the data breach. Resecurity® also claims that at least 53 UN accounts have been targeted with additional attacks since the data breach began. CNN is reporting that “multiple” other security firms detected the data breach and attempted to warn the UN about it, but the UN claims that it had already detected the breach and was taking steps to mitigate it before it was contacted by any outside parties.

The Umoja account that was originally compromised did not have multi-factor authentication enabled; the Umoja website says that the service added that option when it moved to Microsoft Azure in July, a little too late to help the UN... Please continue the article at the source

Newsletter

Keep up to date with the latest cybersecurity news and developments.

By subscribing, I understand and agree that my personal data will be collected and processed according to the Privacy and Cookies Policy

Cloud Architecture
Cloud Architecture
445 S. Figueroa Street
Los Angeles, CA 90071
Google Maps
Contact us by filling out the form.
Try Resecurity products today with a free trial