Stolen Credentials Led to Data Theft at United Nations

A threat actor used stolen credentials from a United Nations employee to breach parts of the UN’s network in April and steal critical data, a spokesman for the intergovernmental organization has confirmed.

That data lifted from the network can be used to target agencies within the UN, which already has experienced and responded to “further attacks” linked to the breach, Stéphane Dujarric, spokesman for the UN Secretary-General, told Bloomberg, which broke the news in a report published Thursday.

“We can confirm that unknown attackers were able to breach parts of the United Nations infrastructure in April of 2021,” Dujarric said, according to the report. “The United Nations is frequently targeted by cyberattacks, including sustained campaigns.”

Read more…
Source: ThreatPost