Hackers stole United Nations data earlier this year by hacking into the account of a UN employee. Presumably, the as yet unknown perpetrators bought online login details of a UN account.
The hackers gained access to UN computer systems on April 5, but they were said to have been active as of August 7. Cybersecurity firm Resecurity is investigating the leak and says the perpetrators gathered data by taking screenshots.
According to Resecurity, the hackers wanted to learn how the United Nations computer network works, and they wanted to steal data from 53 accounts. This kind of information can be sold to groups that want to penetrate the UN, among others.
The credentials are said to have been sold for $1,000 in a package containing even more usernames and passwords for various organizations. Several Russian-speaking people are said to have offered the package.
The hacked VN account did not use two-step verification and extra security when logging in.