United Nations investigating potential ransomware attack after data ripped from IT systems
8Base claims responsibility for the attack
Hackers managed to break into the United Nations Development Programme (UNDP) IT systems in Copenhagen, stealing a wide range of sensitive data.
Ransomware gang 8Base has claimed responsibility, posting on its own website that the group had managed to get its hands on employment contracts, personal data, invoices and much more.
The UN is yet to point fingers at those responsible, but did issue a statement saying that the attack happened on March 27 - the same date 8Base listed the stolen data on its dark web site.
Yet another UN breach
In a statement the UN said, “On March 27, UNDP received a threat intelligence notification that a data-extortion actor had stolen data which included certain human resources and procurement information. Actions were immediately taken to identify a potential source and contain the affected server as well as to determine the specifics of the exposed data and who was impacted.”
As a large proportion of the data stolen contains information relating to employees of the UN, the organization is still assessing how many of its employees have been affected by the data theft but has said that it is working with victims of the breach to prevent their data being misused by the ransomware group.
The 8Base group operates using a bespoke version of the Phobos ransomware, and since beginning operations in early 2022 has successfully breached over 350 organizations.
While the hacking group claims some level of morality in its practice as an “honest and simple” group looking to expose organizations with less than adequate data security and privacy measures, their manipulative terms of service state that if victims involve any form of law enforcement in any capacity while negotiating payment, their data will be fully published on their site for all to see.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Via BleepingComputer
More from TechRadar Pro
- Here is our guide to the best identity theft protection
- MITRE says it was hit by hackers exploiting Ivanti flaws
- These are the best firewalls around
Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but also likes to draw on his knowledge of geopolitics and international relations to understand the motivations and consequences of state-sponsored cyber attacks. Benedict has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham.