Tech »  Topic »  United Nations suffers major data breach

United Nations suffers major data breach


Security researchers have discovered and successfully exploited a vulnerability which gave them access to over 100,000 private employee records belonging to the United Nations Environmental Programme (UNEP).

The discovery was made by the ethical hacking and security research group Sakura Samurai after its members Jackson Henry, Nick Sahler, John Jackson and Aubrey Cottle came across the UN's Vulnerability Disclosure Program and Hall of Fame.

In trying to find vulnerabilities to report to the UN, the researchers came across exposed Git directories (.git) and Git credential files (.git-credentials) on domains associated with the UNEP and UN's International Labour Organization (ILO). Sakura Samurai then dumped the contents of these Git files and cloned entire repositories using git-dumper.


Copyright of this story solely belongs to techradar.com . To see the full text click HERE