United Nations hacked, passwords leaked

Team Poison strikes again

TODO alt text

The United Nations has been hacked by Team Poison, with passwords, email addresses and usernames of UN workers pasted onto a public site.

The hacking collective, last seen defacing RIM's website after it pledged to co-operate with police over the use of BBM during the London riots this summer, accuses the UN of corruption.

Departments whose information appears to have been compromised include the UN Development Programme (UNDP), the Organisation for Economic Co-operation and Development (OECD), UNICEF and the World Health Organisation.

UNightmare

Graham Cluely, security expert at Sophos, noted, "The suspicion is that the hackers were able to take advantage of a vulnerability on the United Nations Development Programme website to extract the IDs, email address and passwords of users."

This information was posted on a public PasteBin page, so we should hope that the UN is advising all its employees to change their passwords pretty darn quickly.

That's if they even had passwords set to begin with – Team Poison pointed out that many usernames came devoid of a security pass. Tsk tsk.

From Sophos