World Bank Hacked, Sensitive Data Exposed - Desktop Security News Analysis - Dark Reading

The World Bank Group has been hit by a series of hacker attacks on its network over the past few months, possibly exposing sensitive data held by the anti-poverty agency, according to a published report.

A WBG spokesperson acknowledged in the report that the agency had “repeatedly experienced hacking attacks on its computer systems,” but that no hackers had “accessed sensitive data in its treasury, procurement, anti-corruption, or human resources departments” as FoxNews.com reported Friday.

According to the FoxNews.com report, World Bank employees have been ordered to change their passwords three times in the past three months in the wake of the attacks, which spanned somewhere between 18 and 40 of its servers in multiple hacks, which began last year. The published report says there were six major break-ins in the past year, and that at least five servers containing sensitive data were exposed. FoxNews apparently obtained an internal email message and memos from the World Bank in response to the attacks that illustrate the complicated series of events and the agency’s response to them.

The revelation of breaches at the World Bank could not come at a worse time given the global financial crisis, but security experts say the hacks were coincidental and unlikely to be tied to the economic developments. The World Bank provides financial and technical assistance to developing countries, and includes 185 member nations on its board.

“We really don’t know at this moment what information was stolen,” says Graham Cluley, senior technology consultant for Sophos. “It’s just as possible that it was a bunch of college kids breaking into something they shouldn’t be as [it is for] some political or financial motivation. At the same time, economic and financial institutions basically bleed because of a [loss] in confidence and trust....