United Nations agency investigates ransomware attack, data theft

The United Nations Development Programme (UNDP) is investigating a cyberattack after threat actors breached its IT systems to steal human resources data.

UNDP, the UN’s global development network, works in over 170 countries and territories and relies on donations from UN member states and private sector/multilateral organizations to help eradicate poverty and fight inequality and exclusion.

In a statement published Tuesday, the organization revealed that the attackers hacked into local IT infrastructure in UN City, Copenhagen, in late March.

“On March 27, UNDP received a threat intelligence notification that a data-extortion actor had stolen data which included certain human resources and procurement information,” the UN agency disclosed.

“Actions were immediately taken to identify a potential source and contain the affected server as well as to determine the specifics of the exposed data and who was impacted.”

UNDP is now investigating the nature and scope of the incident and assessing the attack’s impact on individuals whose information was stolen.

It also alerted and is now working with those affected by the breach to help them protect their personal information from misuse.

Claimed by 8Base

While the UN agency has yet to link the attack to a specific threat group, the 8Base ransomware gang added a new UNDP entry to its dark web data leak site on March 27.

The attackers say that the documents their operators managed to exfiltrate during the breach contain large amounts of sensitive information.

UNDP entry on 8Base’s leak site (BleepingComputer)

The files they temporarily leaked via a now-expired link allegedly include “a huge amount of confidential information,” personal data, accounting data, certificates, employment contracts, confidentiality agreements, invoices, receipts, and more.

8Base emerged in March 2022, and its activity spiked in June 2023 after it began attacking companies across a broader range of industry verticals and switched to double extortion.

The gang launched its data leak site in May 2023, with the extortion group claiming to be “honest and simple” pen testers targeting “companies that have neglected the privacy and importance of the data of their employees and customers.”

So far, this ransomware group has listed over 350 victims on its site, announcing up to six victims at once on some days. 8Base uses a customized version of Phobos ransomware, a malware that first surfaced in 2019 and shares many code similarities with Dharma ransomware.

The United Nations Environmental Programme (UNEP) also disclosed a data breach in January 2021 after over 100,000 employee records containing personally identifiable information (PII) were exposed online.

UN networks in Geneva and Vienna were also breached in July 2019 via a SharePoint vulnerability, exposing staff records, health insurance, and commercial contract data in what a UN official described as a “major meltdown.”
