The United Nations Development Program is investigating security gaps after it was apparently hacked by a group that has a history of accusing the U.N. of corruption.
The TeaMp0isoN group claimed to post the information that looks to belong to people who work at the United Nations Development Program (UNDP), the Organization for Economic Co-operation and Development (OECD), the World Health Organization (WHO), and UNICEF, security firm Sophos said.
The information consisted of more than 100 email addresses and login information that was allegedly from UNDEP online, Sophos reported.
“The gang noted ... that some of the user IDs appeared to have a blank password, news which will make many a system administrator groan and roll their eyes in exasperation,” Sophos said, citing a document posted to PasteBin, which is commonly used by hackers as an information dumping site.
It appears TeaMp0isoN, which in the past has accused the U.N. of corruption, was able to breach the UNDP’s website to extract most of the emails, user names, and passwords, the security firm added.
The hackers also taunted the U.N.’s online security team, saying, “We will let the so called ’security experts’ over at the U.N. figure” out how they were able to break into the sites and extract the data.
A UNDP spokesperson told the BBC that the hackers extracted and posted “old data” from an “old server.”
“UNDP is taking action to close any vulnerabilities on our website,” UNDP spokesperson Sausan Ghosheh told the broadcaster. “Please note that UNDP.org was not compromised.”
TeaMp0isoN accused the U.N. of being an “overseer of many atrocities from Rwanda to Darfur” and “has become a beast that must be stopped or tamed,” according to the PasteBin posting.
The group, which has origins in Spain, has been working with the hacker collective Anonymous Operations in an initiative called Operation Robin Hood that targets banks and other financial institutions.
Anonymous and TeaMp0isoN announced the Robin Hood initiative on Monday, saying “In regard to the recent demonstrations and protests across the globe, we are going to turn the tables on the banks,” adding that they will return money to people who have been “cheated by our system” and banks.
Sophos noted that the group previously hacked the website of Research in Motion, the maker of the BlackBerry smartphone, and also published former U.K. Prime Minister Tony Blair’s private information online.