WHO Admits to Leaked Credentials, Says Number of Cyber Attacks Increased Fivefold

The World Health Organization (WHO) admitted that around 450 active credentials were leaked online last week and noted that the number of cyberattacks directed at the organization increased fivefold, compared with the same period the previous year.

The WHO, along with a number of high profile companies and organizations involved in the fight against the COVID-19 pandemic, including the Gates Foundation, was the subject of a data leak. Numerous credentials leaked online, some of which belonged to active WHO accounts.

Just a few weeks ago, the WHO reported that a phishing campaign directed at its staff was being deployed, but the organization said that it’s nothing serious and that it’s already aware of the attempts. It’s unclear whether that phishing campaign had any effect, but it’s clear that the interest is there.

There’s already a flurry of spam that uses WHO as a reference point in emails, hoping to give campaigns a legitimate feel. In fact, Bitdefender’s telemetry found that the number of spam emails increased five times, from February to March.

“Ensuring the security of health information for Member States and the privacy of users interacting with us a priority for WHO at all times, but also particularly during the COVID-19 pandemic,” said Bernardo Mariano, WHO’s Chief Information Officer. We are grateful for the alerts we receive from Member States and the private sector. We are all in this fight together.”

According to the WHO, the leaked 450 active WHO email addresses and passwords impacted an older extranet system, which was still being used by staff and partners. The organization is moving the affected systems to a more secure infrastructure.

WHO is also warning people to pay attention to emails seemingly coming from their organization, and advise users only to check official sources of they need any information.