Expert Comments

WHO Emails, Passwords Leaked – Cybersecurity Expert Comments

Expert(s): Security Experts
Expert(s): Security Experts

news release issued by the World Health Organization (WHO) today says this week, some 450 active WHO email addresses and passwords were leaked online along with thousands belonging to others working on the novel coronavirus response. The leaked credentials did not put WHO systems at risk because the data was not recent. However, the attack did impact an older extranet system, used by current and retired staff as well as partners. WHO is now migrating affected systems to a more secure authentication system.

Experts Comments

Dot Your Expert Comments
Craig Cooper
April 26, 2020
COO
Gurucul

It unfortunately reinforces the need for every organization to secure their systems and data.
At a time when the health of the global population is at risk, it's truly heartbreaking to have to divert resources from saving lives to saving the PII data of WHO staff. It unfortunately reinforces the need for every organization to secure their systems and data on a continuous basis with modern cyber defenses. Machine learning based security analytics gets ahead of bad actors and would have detected the host compromise that impacted the older WHO system. Monitoring network and host behaviors.....Read More
At a time when the health of the global population is at risk, it's truly heartbreaking to have to divert resources from saving lives to saving the PII data of WHO staff. It unfortunately reinforces the need for every organization to secure their systems and data on a continuous basis with modern cyber defenses. Machine learning based security analytics gets ahead of bad actors and would have detected the host compromise that impacted the older WHO system. Monitoring network and host behaviors in real-time is the most effective way to detect anomalous activity indicative of cyberattacks before criminals can gain a foothold to then exfiltrate data.  Read Less
Colin Bastable
April 26, 2020
CEO
Lucy Security

The common “covid” nature of the organizations targeted strongly suggests that they are old credentials.
These credentials are most likely from earlier data breaches, usually where people have used work emails on compromised third-party sites, hotel bookings, rewards programs, etc. The common “covid” nature of the organizations targeted strongly suggests that they are old credentials that have been bundled to take advantage of the current Wuhan virus crisis. The leaks may also be tied to political hostility to the Gates Foundation’s work on vaccinations and its participation in an October.....Read More
These credentials are most likely from earlier data breaches, usually where people have used work emails on compromised third-party sites, hotel bookings, rewards programs, etc. The common “covid” nature of the organizations targeted strongly suggests that they are old credentials that have been bundled to take advantage of the current Wuhan virus crisis. The leaks may also be tied to political hostility to the Gates Foundation’s work on vaccinations and its participation in an October 2019 pandemic wargaming session, Event 201. So this “leak” may be a politically-motivated action designed to capitalize on the WHO’s woes and Gates drive to promote his Foundation’s vaccines combined with tech-based lockdown “passports.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

Hackers Steal Wealth of Data from Game Giant EA

Researchers Create Un-hackable Quantum Network, Expert Weighs In

Italian Government Announces National Cybersecurity Agency

JBS Pays $11 Million Dollars in Cyber Ransom

Malware Stole 1.2TB Private Data From 3 Mil PCs

Experts React: RockYou2021, Largest Password Leak

Colonial Pipeline CEO Grilled by Senate but Experts Think Different

Experts Inisght On Security Threats Of VPN And What Organisations...

Kent School’s Suffer Cyberattack With Systems Offline And Data Stolen

NY City Law Dept Computer Systems Hacked & Shut Down...

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy