The United Nations offices in Geneva and Vienna were infiltrated by hackers last year, according to classified documents obtained by The New Humanitarian.
The breach reportedly began in July 2019, though United Nations employees were not made aware of the strike until the end of August.
The New Humanitarian says 20 machines had to be completely rebuilt and U.N. staff had to work a number of overtime hours to isolate the data. One employee described the breach to The New Humanitarian as a “major meltdown.”
One alert received by employees said, “We are working under the assumption that the entire domain is compromised. The attacker doesn't show signs of activity so far, we assume they established their position and are dormant.”
Dozens of servers, including the human rights wing and human resources department, which contains confidential staff information were reportedly compromised in the breach. The report says that the U.N. did not publicly disclose the breach or inform the staff of the hack. Staff was asked to change their passwords.
The U.N. did not immediately respond to an inquiry from The Hill. However, a U.N. spokesperson told The New Humanitarian that though the attack was considered “serious” the severity of the incident could not be determined, so they decided not to publicly disclose the breach.
A U.N. spokesperson told The New Humanitarian that the U.N. has invested resources in fortifying tech infrastructure throughout their offices.
“This included rebuilding significant elements of the infrastructure, and replacement of keys and credentials,” they said. “Additional technical and procedural controls have been implemented to further strengthen information security for the affected offices.”