25,000 Email Accounts from WHO, Gates Foundation, World Bank, NIH, WIV Leaked

On April 23rd, 2020 a malicious leak was reported of Email Ids and Passwords of official employees from many global corporations who seem to have one thing in common – Coronavirus research material.

3 min read
25,000 Email Accounts from WHO, Gates Foundation, World Bank, NIH, WIV Leaked

While the general world population is busy coping with the new found calamity – COVID 19, few bad threat actors are still not resting. What’s more shocking is that the target victims this time around are the health organizations battling for us in the front yard, giving us a chance at survival.

NIH, WHO, Gates Emails Hacked – News Source

On April 23rd, 2020 The Washington Post reported a malicious leak of Email Ids and Passwords of official employees from many global corporations who seem to have one thing in common – Coronavirus research material. This cybercrime information was first brought to light by SITE Intelligence Group, based in Bethesda, Maryland who monitors and tracks suspicious online activities related to the terrorism on Dark Web. During their routine inspections, they discovered a skeptical link posted on the infamous website 4Chan, this url further redirected to a Pastebin document. From there, the list spiraled down to many Twitter, Telegram and other networking websites.

The timing, targeted organizations and underlying cause, all seem to direct towards the unethical weaponization of COVID-19 Pandemic.

The major organizations that fell victim to this attack, along with the number of their alleged emails leaked are:

  1. National Institutes of Health (NIH; United States Department of Health and Human Services): 9,938
  2. Centers of Disease Control and Prevention (CDC; United States Federal Agency): 6,857
  3. World Bank: 5,120
  4. World Health Organization (WHO): 2,732
  5. Gates Foundation: Minor
  6. Wuhan Institute of Virology (WIV): Minor

Till now it hasn’t been comprehensively confirmed if this leak consists of either real account information, or fake material or the data dump from some previous cyberattack, as was pointed by Robert Potter, an Australian cybersecurity expert.

Risks and Official Statements

Since the data breach and its public posting on 19th April, 2020, hacking opportunists became highly active to exploit this contingency. Though the private and government organizations mostly use 2-factor authentication or multi-level security login access, this universally available data dump still raises the stakes. While the mentioned medical institutions, especially WIV, have been accused of outbreaking the virus, the Gates Foundation and World Bank have major donations/ funds in the fight against this real-world hazard.

Official statements from the target and related corporations like NIH, CDC, FBI and World Bank did not directly comment on this security risk but rather assured that they will take all the necessary appropriate actions against such cyberthreats.

While WHO confirmed that from the exposed list, 457 were their real Email Ids and Passwords. But none were compromised and the respective passwords have been reset.

Twitter, that played an extensive role in the widespread of this data dump, has stated that they are trying to take urgent actions of bulk removal to honor their policy of private information.

Robert Potter (the above mentioned cybersecurity expert) also disclosed another interesting detail. Although we’ve been repeatedly educated on the use of strong passwords, most password keys were as simple as ‘password’, ‘[first name]’, ‘changeme’ etc. These accounts mostly belonged to the World Health Organization employees. But this isn’t the first time WHO has fallen prey to a hacking. That’s why it was all the more shocking that such high-profile companies are taking digital security so lightly.

Why? – The Motive Behind the NIH, WHO, Gates Foundation Email Leaks

The indirect message behind this alleged data breach is to spread misconception about COIVD-19 pandemic, linking these reputed organizations in the web of it all. This conversation also ended up in certain extremist forums and a Neo-Nazi Telegram channel “Terrorwave Refined”. Sepulcations of the HIV induced coronavirus are doing rounds amidst all the chaos.

In the end, it’s safe to say that there’s no real proof or explanation available for this leak, but it’s better to avoid these fabrications and focus on COVID-19 related real facts.

Follow us on Telegram and Twitter for all such latest cybersecurity news and updates.


🎉 You've successfully subscribed to Hack Reports!