The United Nations Development Programme (UNDP) became the victim of a cyberattack in late March, which also impacted the IT infrastructure of the city of Copenhagen, Denmark.
The UNDP received word of a data-extortion actor stealing its data, some of it related to human resources and procurement.
As the agency continues to assess the scope of the attack, the UNDP noted in a statement that “actions were immediately taken to identify a potential source and contain the affected server.”
The UNDP determined which data was exposed and who is at risk because of the breach. It’s also been in contact with those who have been impacted, as well as with stakeholders, such as UN system partners.
Though the UNDP has not confirmed who the threat actor was, 8Base, a ransomware gang, updated its website in early April, listing UNDP as one of its victims, along with three other entities. The group commented that information such as personal data, certificates, “a huge amount of confidential information,” and invoices, among other things, were uploaded to the servers.
UNDP made no subsequent comment and didn’t address whether a ransom has been demanded or paid.
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt397ca1545e92a530/6622a6161611171304634546/UNCopenhagen_BERK-OZDEMIR_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop
