United Nations investigating potential ransomware attack after data ripped from IT systems

8Base claims responsibility for the attack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hackers managed to break into the United Nations Development Programme (UNDP) IT systems in Copenhagen, stealing a wide range of sensitive data.

Ransomwaregang 8Base has claimed responsibility, posting on its own website that the group had managed to get its hands on employment contracts, personal data, invoices and much more.

The UN is yet to point fingers at those responsible, but did issue a statement saying that the attack happened on March 27 - the same date 8Base listed the stolen data on its dark web site.

Yet another UN breach

In a statement the UN said, “On March 27, UNDP received a threat intelligence notification that a data-extortion actor had stolen data which included certain human resources and procurement information. Actions were immediately taken to identify a potential source and contain the affected server as well as to determine the specifics of the exposed data and who was impacted.”

As a large proportion of the data stolen contains information relating to employees of the UN, the organization is still assessing how many of its employees have been affected by the data theft but has said that it is working with victims of the breach to prevent their data being misused by the ransomware group.

The 8Base group operates using a bespoke version of the Phobos ransomware, and since beginning operations in early 2022 has successfully breached over 350 organizations.

While the hacking group claims some level of morality in its practice as an “honest and simple” group looking to expose organizations with less than adequate data security and privacy measures, their manipulative terms of service state that if victims involve any form of law enforcement in any capacity while negotiating payment, their data will be fully published on their site for all to see.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

ViaBleepingComputer

More from TechRadar Pro

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

LG Electronics sets ambitious B2B revenue goal to offset declining consumer demand

New fanless cooling technology enhances energy efficiency for AI workloads by achieving a 90% reduction in cooling power consumption

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics