United Nations hacked! Passwords posted!
The United Nations finds itself resecuring its network Wednesday following a hack that resulted in the login details of the employees of several divisions being posted to the Internet. Calling itself TeaMp0isoN, the group calls the UN "a Senate for global corruption" and "sits to facilitate the introduction of a New World Order and a One World Government".
TeaMp0isoN hacked accounts belonging to employees of United Nations Development Programme (UNDP), Organisation for Economic Co-operation and Development (OECD), UNICEF, World Health Organization (WHO) among others. Some of the fault for the hack may lie in the users themselves: TeaMp0isoN notes that several of the user IDs contained no password at all.
"The suspicion is that the hackers were able to take advantage of a vulnerability on the United Nations Development Programme website to extract the IDs, email address and passwords of users", Sophos senior technology consultant Graham Cluley explains.
This is certainly not TeamPoison's first hack. The group was also behind the hack of Research In Motion's company blog back in August, done in retaliation over police response to the UK riots. That hack exposed the personal information of RIM employees to rioters.
It also is aligned with Anonymous in an effort known as "Operation Robin Hood", which aims to target financial institutions.
While the hack appears to be serious, the UN says that the information obtained is not current and of little value. In fact the hacked information could be four-plus years old, with the current systems intact. "The current server of the United Nations Development Programme has not been compromised", a UNDP spokesperson claims.
TeamPoison hacked into an old server, and the 100 or so accounts obtained are no longer active, the UNDP claims.