Passwords Leaked from the World Health Organization

For Everyone 

In the past week, over 2,000 passwords began circulating the internet claiming they were linked to email accounts of employees from the World Health Organization (WHO). According to the WHO’s chief information officer, they received eight security alerts from national cybersecurity authorities in April. They typically get one national security alert a month.

In this breach, the WHO wasn’t hacked. It appears some employees may have used their work email to register on a website, and that website was hacked. Because the WHO has two-factor authentication in place, the hackers were unable to gain access to any sensitive information.

For our security, HM requires all remote access into our systems to have two-factor authentication with a text or call to your mobile device. When you access your personal accounts, such as gmail.com or your mobile device, be sure to also enable this extra layer of security. To learn how to turn on two-factor authentication for your Google account, on your computer, Android or iOS device, click here.