Hackers post nearly 25K email addresses, passwords from WHO, NIH & others fighting COVID-19

Hackers published almost 25,000 email addresses and passwords allegedly belonging to the National Institutes of Health, World Health Organization, the Gates Foundation and others working to combat the COVID-19 pandemic, according to The Washington Post.

The information was posted on April 19-20 to several online messaging boards and lists, including Twitter, 4chan, Pastebin and Telegram, The SITE Intelligence Group, which monitors online extremism and terrorist groups, told the publication.

SITE said it found 9,938 alleged emails and passwords of NIH accounts posted on lists online, followed by the CDC with 6,857, the World Bank with 5,120 and WHO with 2,732. A smaller number of accounts were posted for the Gates Foundation and the Wuhan Institute of Virology. The cybersecurity group said it was unable to verify whether the email addresses and passwords were authentic but an Australian cybersecurity expert said he confirmed the WHO addresses were real, according to the report.

"Neo-Nazis and white supremacists capitalized on the lists and published them aggressively across their venues,” SITE executive director Rita Katz said. "Using the data, far-right extremists were calling for a harassment campaign while sharing conspiracy theories about the coronavirus pandemic. The distribution of these alleged email credentials were just another part of a months-long initiative across the far right to weaponize the covid-19 pandemic."

The CDC, WHO and World Bank did not immediately respond to the Post's comment requests, but the NIH issued the following statement on April 22: "We are always working to ensure optimal cyber safety and security for NIH and take appropriate action to address threats or concerns. We do not comment on specific cybersecurity matters, as such information could be used to undertake malicious activities."

More articles on cybersecurity:
Google blocks 18M daily malware, phishing emails related to COVID-19
5 things for CISOs to know during COVID-19 
Big tech lobbies Congress to include cybersecurity funds in the next stimulus package: 5 details

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Content

Featured Webinars

Featured Whitepapers