A group of hackers named Teampoison said they hacked the website of United Nations Development Programme (UNDP) and leaked usernames, passwords and emails, according to a report.
They posted the leaked account details on Pastebin to protest against the organisation, which they called "fraud".
According to the BBC, many of the e-mail accounts listed online appear to belong to members of the UNDP, while some appear to belong to members of the Organization for Economic Co-operation and Development (OECD), the World Health Organization (WHO) and the U.K’s Office for National Statistics (ONS).
UNDP spokeswoman Sausan Ghosheh said that an old server which contained old data was hacked. Ghosheh added: "The UNDP found [the] compromised server and took it offline. The server goes back to 2007. There are no active passwords listed for those accounts. Please note that UNDP.org was not compromised."
Jason Hart, MD, Cryptocard, said that although the data may well be old, it could still contain sensitive information. "The UN has said that the information exposed is old data, but if you look at the YouTube video released by the hackers on Monday it shows account details and usernames as well as personal email addresses."
"As we all know, passwords cross personal and professional lives, so these people could well be compromised at work and at home. I would bet my last pound that most of these people are still using the same password, therefore they are vulnerable to attack," he added.
