IMF confirms some accounts were hacked following cyberattack

Roughly a dozen emails were compromised in an attack discovered in February

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Someone broke into almost a dozen IMF email accounts, but it’s yet unknown what they did with the information found there.

The International Monetary Fund (IMF), a UN financial agency funded by 190 member countries, confirmed the breach in a press release published late last week, as well as in a short statement given to BleepingComputer.

According to the press release, the IMF detected the breach in mid-February this year, after which it brought in independent cybersecurity experts to launch an in-depth investigation and determine the nature of the breach. The investigation determined that 11 IMFemail accountswere compromised.

Connections to Microsoft

“We have no indication of further compromise beyond these email accounts at this point in time,” the IMF said in the announcement. “The investigation into this incident is continuing.”

Following the discovery, the IMF took certain “remediation actions”, but did not elaborate what that exactly means. It said that the impacted accounts were re-secured.

“The IMF takes prevention of, and defense against, cyber incidents very seriously and, like all organizations, operates under the assumption that cyber incidents will unfortunately occur. The IMF has a robust cybersecurity program in place to respond quickly and effectively to such incidents,” it concluded in the press release.

In a short statement given toBleepingComputer, the IMF confirmed usingMicrosoft365, but stressed that the incident “does not appear to be part of Microsoft targeting.”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Earlier this year, Microsoft announced it was being targeted by a Russian state-sponsored threat actor known as MidnightBlizzard. This group dwelled on Microsoft’s systems for a month, and stole roughly two dozen corporate emails.

A few days after the news broke,Hewlett PackardEnterprise (HPE) reported of Russian hackers also breaching some of its Microsoft Office 365 email accounts and stealing sensitive data found there.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Your next smartwatch could be battery-free – and powered by your skin