Someone broke into almost a dozen IMF email accounts, but it’s yet unknown what they did with the information found there.
The International Monetary Fund (IMF), a UN financial agency funded by 190 member countries, confirmed the breach in a press release published late last week, as well as in a short statement given to BleepingComputer.
According to the press release, the IMF detected the breach in mid-February this year, after which it brought in independent cybersecurity experts to launch an in-depth investigation and determine the nature of the breach. The investigation determined that 11 IMF email accounts were compromised.
Connections to Microsoft
“We have no indication of further compromise beyond these email accounts at this point in time,” the IMF said in the announcement. “The investigation into this incident is continuing.”
Following the discovery, the IMF took certain “remediation actions”, but did not elaborate what that exactly means. It said that the impacted accounts were re-secured.
“The IMF takes prevention of, and defense against, cyber incidents very seriously and, like all organizations, operates under the assumption that cyber incidents will unfortunately occur. The IMF has a robust cybersecurity program in place to respond quickly and effectively to such incidents,” it concluded in the press release.
In a short statement given to BleepingComputer, the IMF confirmed using Microsoft 365, but stressed that the incident “does not appear to be part of Microsoft targeting.”
Earlier this year, Microsoft announced it was being targeted by a Russian state-sponsored threat actor known as Midnight Blizzard. This group dwelled on Microsoft’s systems for a month, and stole roughly two dozen corporate emails.
A few days after the news broke, Hewlett Packard Enterprise (HPE) reported of Russian hackers also breaching some of its Microsoft Office 365 email accounts and stealing sensitive data found there.