The security experts of Sakura Samurai have managed to get access to more than 100,000 personal records and credentials belonging to United Nations representatives in just a few hours.
The data breach was initially originated from exposed Git directories and credentials, which enabled the experts to clone Git repositories and accumulate a huge amount of personally identifiable information (PII) associated with over 100k employees.
The security experts Jackson Henry, Nick Sahler, John Jackson, and Aubrey Cottle of Sakura Samurai who have revealed the vulnerability came across visible Git directories (.git) and Git credential files (.git-credentials) on domains that are generally linked with the UNEP and United Nation’s International Labour Organization (ILO).
The security experts have mentioned a list of compromised data (PII), and here we have mentioned them below:-
- Travel Records (Two Documents: 102,000+ Records)
- HR Nationality Demographics (Two Documents: 7,000+…