The United Nations Development Programme (UNDP) announced this week that it’s investigating a cyberattack that resulted in information getting compromised.
In a statement, the organization said the attack targeted local IT infrastructure in UN City, the Copenhagen-based complex that houses nearly a dozen UN agencies.
The UNDP said it learned on March 27 that a “data-extortion actor had stolen data which included certain human resources and procurement information”.
“Actions were immediately taken to identify a potential source and contain the affected server as well as to determine the specifics of the exposed data and who was impacted,” the agency said.
“UNDP is currently conducting a thorough assessment of the nature and scope of the cyber-attack, and we have maintained ongoing communication with those affected by the breach so they can take steps to protect their personal information from misuse. Additionally, we are continuing efforts to contact other stakeholders, including informing our partners across the UN system,” it added.
While UNDP has not shared any additional information on the incident, the organization was apparently targeted in a ransomware attack conducted by a group named 8base.
The UNDP was listed on 8base’s Tor website on March 27. The hackers appear to have published the files allegedly stolen from the UN agency roughly one week later. They claim to have obtained invoices, receipts, accounting documents, certificates, confidential agreements, employment contracts, and personal information.
However, when this article was being written, the link pointing to the stolen UNDP files was not working.
UNDP has likely refused to pay any ransom, considering that the files were published shortly after the organization was named as a victim.
Related: United Nations Environment Programme Exposed 100,000 Employee Records
Related: Leaked Report Shows United Nations Suffered Hack
Related: IMF: Financial Firms Lost $12 Billion to Cyberattacks in Two Decades
Related: UN Adopts Resolution Backing Efforts to Ensure Artificial Intelligence is Safe
