Around 25,000 accounts from the National Institute of Health (NIH), the World Health Organisation (WHO), the Gates Foundation and other organisations working towards containing the coronavirus pandemic were hacked.
The database also seems to carry several IDs from a virology lab in Wuhan, giving rise to fresh speculations and conspiracy theories.
The Washington Post reported that unknown activists posted 25,000 email addresses and passwords online. This was found out by the SITE Intelligence Group, which looks after online extremism and terrorist organisations.
An Australian independent cybersecurity expert Robert Potter said he could verify some of the IDs and passwords from WHO, but added that it could be from an older attack.
The WHO list is genuine but it appears to be from an earlier attack. Healthcare agencies in particular are traditionally quite bad at cyber security.https://t.co/KwDIzfTbTj
— Robert Potter (@rpotter_9) April 22, 2020
The list initially appeared on the message board website 4chan and then on Pastebin. They were then shared on Telegram groups.
According to the SITE report, 9,938 IDs from NIH, 5,120 IDs from World Bank and 2,732 IDs from WHO were leaked.
Email IDs from Gates Foundation, which recently donated USD 150 million to Wuhan Institute of Virology, were also leaked. Wuhan was the epicentre of the pandemic.
WHO has seen a rise in cybercrime attacks since mid-March, Bloomberg quoted chief information officer, Bernardo Mariano as saying. He added that the organisation hasn’t been attacked but employees’ passwords were leaked through other websites.
The WHO used to have one security alert a month, but thus far in April the organisation has received eight from national cybersecurity authorities notifying “of nation-state actor attacks that we are facing,” he said.
The targets of these attacks are top WHO officials like Director-General Tedros Adhanom Ghebreyesus. Israel, European Union, UK, Switzerland, Interpol and even Microsoft had warned WHO of a possible attack, Mariano said.