United Nations

THE UNITED NATIONS accidentally published passwords, internal documents, and technical details about websites.

It happened when it misconfigured popular project management service Trello, issue tracking app Jira, and office suite Google Docs.

This made sensitive material available online to anyone with the proper link, rather than only to specific users who should have access.

Affected data included credentials for a U.N. file server, the video conferencing system at the U.N.’s language school, and a web development environment for the U.N.’s Office for the Coordination of Humanitarian Affairs.

The sensitive information were available by running searches on Google.

The searches, in turn, produced public Trello pages, some of which contained links to the public Google Docs and Jira pages.

Source: https://theintercept.com/2018/09/24/united-nations-trello-jira-google-docs-passwords/

"id": "UNI175830922",
"linkid": "united-nations",
"type": "Breach",
"date": "09/2018",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"