cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

UN agency ransomware attack claimed by 8Base

Threat actors have claimed a cyber attack on the IT systems of the United Nations (UN), which is now investigating the nature of the breach.

user icon Daniel Croft
Mon, 22 Apr 2024
UN agency ransomware attack claimed by 8Base
expand image

The United Nations Development Programme (UNDP), the UN agency responsible for reducing inequality and poverty around the world disclosed that in March, a threat actor breached its IT systems and exfiltrated HR data.

“The United Nations Development Programme (UNDP) recently experienced a cyber attack, in which local IT infrastructure in UN City, Copenhagen was targeted,” said the UNDP in a recent press release.

“On March 27, UNDP received a threat intelligence notification that a data-extortion actor had stolen data which included certain human resources and procurement information.


“Actions were immediately taken to identify a potential source and contain the affected server as well as to determine the specifics of the exposed data and who was impacted.”

The UNDP added that it had launched an investigation to determine the breadth of the attack and what exact data was stolen in the breach. Additionally, it has notified those affected and is reaching out to other UN agencies and partners.

“UNDP takes this incident extremely seriously, and we reiterate our dedication to data security. We are committed to continue working to detect and minimise the risk of cyber attacks,” it said.

Meanwhile, the attack was claimed by ransomware gang 8Base, which listed the UNDP on its dark web leak site.

According to the 8Base listing, the stolen data included accounting documents, personal data, employment contracts, confidentiality agreements, personal files, certificates, invoices, receipts, a “huge amount of confidential information” and more.

The listing was dated 27 March 2024, with the threat group saying it would publish the files on 3 April 2024. The group did so through a now-expired leak link; however, the claims that the above-listed data was included are unable to be verified.

The UNDP is yet to comment on 8Base’s reported leak.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.