Security News > 2020 > January > How to avoid the mistakes made in the UN data breach
Targeting UN networks in Geneva and Vienna, the attacker was able to compromise accounts and data at dozens of servers, prompting one senior UN IT official to call it a "Major meltdown," the New Humanitarian said.
"These things...attempts to attack the UN IT infrastructure happen often. The attribution of any IT attack is remains very fuzzy and uncertain. So, we are not able to pinpoint to any specific potential attacker, but it was, from all accounts, a well‑resourced attack."
Though the hacker hit only development servers and may not have compromised sensitive information, the attack points to two errors or missteps made by the UN. First, the organization failed to properly patch its systems and servers ahead of time.
While the UN grapples with the revelation of this attack, the matter serves as a warning to other organizations on how to prevent and deal with data breaches.
TechRepublic: How was the hacker able to gain access to UN servers? I know it was through a flaw in SharePoint, but can you explain exactly how the flaw was exploited?
News URL
Related news
- Dutch Police: ‘State actor’ likely behind recent data breach (source)
- Comcast and Truist Bank customers caught up in FBCS data breach (source)
- Internet Archive hacked, data breach impacts 31 million users (source)
- Internet Archive data breach, defacement, and DDoS: Users’ data compromised (source)
- Fidelity Investments says data breach affects over 77,000 people (source)
- Fidelity Data Breach Exposes Data of Over 77,000 Customers (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Insurance admin Landmark says data breach impacts 800,000 people (source)
- Henry Schein discloses data breach a year after ransomware attack (source)