United Nations hacked – email addresses and passwords leaked

Passwords and login details belonging to the United Nations have been published on the internet by a hacking group who believe that the UN is guilty of corruption.

The TeaMp0isoN hacking gang has leaked over one hundred usernames, email addresses and passwords that appear to belong to individuals at the United Nations Development Programme (UNDP), Organisation for Economic Co-operation and Development (OECD), UNICEF, World Health Organisation (WHO) and other groups.

The gang noted, when publishing their stash on PasteBin, that some of the userids appeared to have a blank password, news which will make many a system administrator groan and roll their eyes in exasperation.

The suspicion is that the hackers were able to take advantage of a vulnerability on the United Nations Development Programme website to extract the IDs, email address and passwords of users.

TeamPoison included alongside its haul of stolen login details a taunt directed at the UN’s online security team…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.