April 19, 2024 at 02:24PM
The UNDP experienced a cyberattack in late March, impacting its IT infrastructure and the city of Copenhagen, Denmark. Data, including human resources and procurement information, was stolen. The agency is assessing the attack’s scope, identifying affected data, contacting impacted individuals and stakeholders, and addressing the breach. A ransomware gang, 8Base, listed UNDP as a victim on its website but UNDP did not confirm any ransom demand.
Based on the meeting notes, here are the clear takeaways:
1. The United Nations Development Programme (UNDP) and the city of Copenhagen, Denmark, were impacted by a cyberattack in late March, affecting their IT infrastructure.
2. The attack resulted in data theft, particularly related to human resources and procurement, prompting immediate actions by the UNDP to identify the source and contain the affected server.
3. The UNDP is assessing the scope of the attack and has determined which data was exposed and the individuals at risk due to the breach.
4. Initial contact has been made with those impacted and relevant stakeholders, including UN system partners.
5. While the UNDP has not officially named the threat actor, 8Base, a ransomware gang, listed UNDP as one of its victims on its website, claiming to have uploaded personal data, certificates, and confidential information to servers.
6. It is unclear whether a ransom has been demanded or paid, as the UNDP has not provided subsequent comments on this matter.
These points highlight the key details regarding the cyberattack on the UNDP and the subsequent actions taken by the organization.