Hackers publish access credentials for UN staff
A hacker group calling itself Teampoison has posted access credentials and email addresses for several hundred UN staff online. The origin of the access credentials is unclear. Since many of the email addresses belong to the United Nations Development Program (UNDP), they may be the result of a hack of one of its servers.
If the data is indeed the result of a hack, it would appear that the UN does not enforce any password guidelines. The passwords were not stored in encrypted form and there was no minimum length requirement. Some accounts appear not even to have a password.
The group's manifesto on Pastebin harangues the UN as "the bureaucratic head of NATO" and "the Senate for Global Corruption".
Update 1 December: A spokeswoman for the United Nations Development Programme (UNDP) has said that the UN server access credentials published by the hacker group were obsolete and no longer valid.