Unknown individuals leaked almost 25,000 email addresses and passwords allegedly from USA’s National Institute of Health (NIH), the World Health Organization (WHO), the Gates Foundation, and other organizations working to fight the Coronavirus disease 2019 (COVID-19) pandemic, according to SITE Intelligence Group, an American Non-Government Organization (NGO) monitoring online extremism and terrorist groups.
While SITE was unable to verify whether said email addresses and passwords were authentic, the NGO said the information leaked earlier was almost immediately used to incite attempts at harassment and hacking by far-right extremists. According to Australian cybersecurity expert Robert Potter, the leaked WHO email addresses and passwords were real.
The list of email addresses and passwords, first appeared in text storage website Pastebin. Said list’s origin is still unclear. The list was then posted on an anonymous message board 4chan. Then, the list was later shared to Twitter and far-right extremist channels on messaging app Telegram.
The American-based Terrorism-monitoring NGO said the biggest group of alleged emails and passwords came from the NIH with credentials numbering about 9,938 found on lists posted online. Following the NIH in allegedly leaked email addresses and passwords is the Center for Disease Control and Prevention (CDC) with 6,857 accounts. The World Bank reportedly had 5,120. The WHO allegedly had 2,732, according to SITE’s report.
A portion of the alleged list of leaked email addresses and passwords reportedly came from the Gates Foundation. Email accounts from the Wuhan Institute of Virology (WIV) are also allegedly leaked. WIV is a Chinese research institute based in Wuhan and has also been accused of spreading COVID-19.
NIH and the other affected institutions declined to answer whether their organizations use multi-factor authentication. Nevertheless, former and current employees reported that such protections had become routine within federal agencies.
Multi-factor authentication is a security measure which requires a temporary code or physical token to access a computer system. The security measure is often used by governments and business organizations.
Potter, Chief Executive of Australian company Internet 2.0, said that hew was able to into the WHO computer systems using the posted email accounts on the internet. The WHO is currently getting flak for its response to COVID-19 and has been accused of beiung too deferential to China.
“Their password security is appalling,” Potter said of the WHO. “Forty-eight people have ‘password’ as their password.” Others, he said, had used their own first names or “changeme.”
Potter stated that the WHO credentials appear to have come from a hack back in 2016. He further said that the alleged email credentials may have been purchased from individuals on the Dark Web, a part of the internet that is not conventionally indexed by most search engines. The Dark Web is part of the internet where hacked information is often put up for sale.
With additional report from: The Washington Post,
Photo Courtesy: en.reseauinternational.net, nih.gov, Trend Micro,
