WHO Emails, Passwords Leaked – Cybersecurity Expert Comments

news release issued by the World Health Organization (WHO) today says this week, some 450 active WHO email addresses and passwords were leaked online along with thousands belonging to others working on the novel coronavirus response. The leaked credentials did not put WHO systems at risk because the data was not recent. However, the attack did impact an older extranet system, used by current and retired staff as well as partners. WHO is now migrating affected systems to a more secure authentication system.

Subscribe
Notify of
guest
2 Expert Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Craig Cooper
Craig Cooper , COO
InfoSec Expert
April 26, 2020 7:22 pm

At a time when the health of the global population is at risk, it\’s truly heartbreaking to have to divert resources from saving lives to saving the PII data of WHO staff. It unfortunately reinforces the need for every organization to secure their systems and data on a continuous basis with modern cyber defenses. Machine learning based security analytics gets ahead of bad actors and would have detected the host compromise that impacted the older WHO system. Monitoring network and host behaviors in real-time is the most effective way to detect anomalous activity indicative of cyberattacks before criminals can gain a foothold to then exfiltrate data.

Last edited 2 years ago by Craig Cooper
Colin Bastable
Colin Bastable , CEO
InfoSec Expert
April 26, 2020 7:15 pm

These credentials are most likely from earlier data breaches, usually where people have used work emails on compromised third-party sites, hotel bookings, rewards programs, etc. The common “covid” nature of the organizations targeted strongly suggests that they are old credentials that have been bundled to take advantage of the current Wuhan virus crisis. The leaks may also be tied to political hostility to the Gates Foundation’s work on vaccinations and its participation in an October 2019 pandemic wargaming session, Event 201. So this “leak” may be a politically-motivated action designed to capitalize on the WHO’s woes and Gates drive to promote his Foundation’s vaccines combined with tech-based lockdown “passports.

Last edited 2 years ago by Colin Bastable
2
0
Would love your thoughts, please comment.x
()
x