United Nations data breach exposed over 100k UNEP staff records

Today, researchers have responsibly disclosed a security vulnerability by exploiting which they could access over 100,000 private employee records of United Nations Environmental Programme (UNEP).

The data breach stemmed from exposed Git directories and credentials, which allowed the researchers to clone Git repositories and gather a large amount of personally identifiable information (PII) associated with over 100k employees.

Ethical hacking and security research group Sakura Samurai have now disclosed their findings on a vulnerability that let them access the private data of over 100,000 United Nations Environment Programme (UNEP) employees.

Read more…
Source: Bleeping Computer