Exposed United Nations Database Left Sensitive Information Accessible Online
A database containing sensitive, sometimes personal information from the United Nations Trust Fund to End Violence Against Women was openly accessible on the internet, revealing more than 115,000 files related to organizations that partner with or receive funding from UN Women. The UN Women database is a prime example of a small error that could create additional risk for women, children, and LGBTQ people living in hostile situations worldwide. “I've found lots of data before, including from all sorts of government agencies, but these organizations are helping people who are at risk just for being who they are, where they are.” A spokesperson for UN Women tells WIRED in a statement that the organization appreciates collaboration from cybersecurity researchers and combines any outside findings with its own telemetry and monitoring. Such information is also ripe for abuse in scams since the UN is such a trusted organization, and the exposed data would provide details on internal operations and potentially serve as templates for malicious actors to create legitimate-looking communications that purport to come from the UN.
Discover Related
Security services still sharing data with US despite concerns
Secret documents, weapon design among sensitive defence data leaked: Report
What’s the fallout of the US security breach?
'Heads are exploding': How security experts see the Signal war-plan breach
Kristi Noem’s bizarre war on “leakers”: MAGA paranoia’s new frontier
Hackers leak British celebrities' bank details to the dark web
Data breach hits US firm DISA—3.3 million affected as hackers steal personal info
Sensitive Bank Data Set for Deletion in CFPB Purge, Ex-Aide Says
Scientist calls the disappearance of federal health data a 'digital book burning'
CDC scrubs research databases referencing sexual orientation and gender identity
Sensitive DeepSeek data exposed to open internet: Wiz cyber security firm
TU Eindhoven hackers had access to log-in details of employee, student: report
US Names One of the Hackers Allegedly Behind Massive Salt Typhoon Breaches
Hackers boast of health workers visa data breach, sparking police probe
Meta settles Cambridge Analytica lawsuit with Australia’s privacy watchdog, to pay $50 million
MANUU Holds Workshop on Digital Security
Not to alarm you, but your Social Security number is already leaked
EU's data privacy laws stymie India's investigation into airline bomb hoax calls
Amazon confirms employee data exposed in third-party data breach: What we know