More than 2000 WHO employees have had their email hacked because of a password that was “lost”.

According to information from SITE Technology Group (SITE Inteligence Group), there have been nearly 25,000 email addresses with passwords believed to be from the National Institutes of Health (NIH – United States), World Health Organization. WHO, the Gates Foundation of billionaire Bill Gates and many organizations are working to solve the corona virus epidemic that has been posted on social networking sites.

SITE currently cannot confirm for sure these are real addresses and passwords. However, Australian security expert Robert Potter confirmed that at least WHO email addresses and passwords are correct.

This list has unclear origins. It seems to be posted on a website called Pastebin, then uploaded to 4chan – a famous forum for political extremist comments, then on Twitter and on Telegram.

The SITE report stated that the biggest exposed group was from NIH, with 9938 emails on the list. CDC (Centers for Disease Control and Prevention) ranked second, with 6857 addresses. The World Bank exposed 5120 emails, while the WHO revealed a total of 2732. Other organizations such as the Gates Foundation, Wuhan Institute of Virology (China) were also attacked, but in small numbers.

WHO confirmed the case on April 22, saying a large number of email addresses were leaked. However, according to the organization, only 457 mail addresses are active and still available, and no account has been officially compromised. “As a precaution, all passwords of 457 exposed accounts were renewed,” – WHO said.

However, according to Potter, he confirmed that he could access the WHO computer system based on those revealed addresses and passwords. Notably the comment: “Their passwords are really confidential, which really scared me. “

“49 people put a password as ‘password'”. In addition, some use their real names, or “changeme” (a song by Justin Bieber).

According to Potter, the above addresses can be purchased from the dark web (websites that are supposed to be the dark side of the internet, inaccessible by a regular browser and a place for hackers to exchange information), thought to be a system. As a result of a hack in 2016, RITE Katz, the CEO of SITE, confirmed the event and was able to buy some information on the dark web, but the incident has not been confirmed. 2 parties involved.

[ Æsir Tales ]
Back to top button