Tech »  Topic »  Vulnerable Database Exposed UN Employees' Data

Vulnerable Database Exposed UN Employees' Data


Researchers Identified Flaw in GitHub Repository for UN Environmental Program Akshaya Asokan (asokan_akshaya) • January 12, 2021

A vulnerability in a GitHub repository belonging to the United Nations Environment Program exposed over 100,000 employee records, including personally identifiable information, contact details and other sensitive data, according to a group of independent security researchers.

See Also: How leading organisations use AI to deliver exceptional customer experiences

UNEP is responsible for coordinating the U.N.'s environmental activities. Sakura Samurai, a new group of ethical hackers, notes in its report the vulnerabilities stemmed from an endpoint that exposed the GitHub repository's credentials.

"The credentials gave us the ability to download the GitHub repositories, identifying a ton of user credentials and [personally identifiable information]. In total, we identified over [100,000] private employee records," says John Jackson, one of the security researchers in the group.

The analysis also revealed that there were ...


Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE