UN data breach appears to stem from an employee login that was sold on the dark web. The attackers used this entry point to move farther into the organization's networks and conducted reconnaissance between April and August.
Over 100,000 UN employee records were accessed by security researchers in a Git data breach originating from repositories associated with UNEP and ILO domains.