Anonymous Hacked the Data of More Than 1,000 Climate Change Officials

The hacktivist group has leaked private information from hundreds of Paris climate summit delegates.

<a href="http://www.shutterstock.com/pic-248701786/stock-photo-computer-programming-programming-using-laptop-computer-internet-technologies.html?src=kPddgj0tIG8720Enha8gyg-1-40">welcomia</a>/Shutterstock

Fight disinformation. Get a daily recap of the facts that matter. Sign up for the free Mother Jones newsletter.


This story was originally published by the Guardian and is reproduced here as part of the Climate Desk collaboration.

Hackers have leaked the private login details of nearly 1,415 officials at the UN climate talks in Paris in an apparent act of protest against arrests of activists in the city.

Anonymous, the hacktivist movement, hacked the website of the summit organizers, the UN Framework Convention on Climate Change (UNFCCC), and posted names, phone numbers, usernames, email addresses, and secret questions and answers onto an anonymous publishing site.

Anonymous claimed the attack was an act of protest against the arrest of protesters on a climate march in Paris on Sunday. Climate activists organizing a peaceful protest say that the demonstration was hijacked by a small group of anarchists who clashed with police. All public protests have been banned in the city since a state of emergency was declared after the terror attacks nearly three weeks ago.

Officials whose data has been leaked are from a range of countries including the United Kingdom, Switzerland, Peru, France, and the United States. Employees of the British Council and the Department for Environment, Food and Rural Affairs are among the British officials whose data is now in the public domain.

“For the UNFCCC itself it’s embarrassing,” says Oliver Farnan, security researcher at the Cyber Security Network in Oxford University. “The specific attack that was used [an SQL injection attack] is a well-known vulnerability…To have their entire user database compromised in this way demonstrates a lack of focus on security,” he said.

Farnan also said that the password encryption used by the UNFCCC appeared to be an “old and weak hashing algorithm,” that should have been “phased out.”

However the damage is likely to be limited, and mitigated by changing the passwords on any accounts that use similar passwords.

“Although it’s embarrassing, it’s essential to ensure that their users don’t get compromised in follow on attacks,” Farnan said.

More Mother Jones reporting on Climate Desk

FACT:

Mother Jones was founded as a nonprofit in 1976 because we knew corporations and the wealthy wouldn't fund the type of hard-hitting journalism we set out to do.

Today, reader support makes up about two-thirds of our budget, allows us to dig deep on stories that matter, and lets us keep our reporting free for everyone. If you value what you get from Mother Jones, please join us with a tax-deductible donation today so we can keep on doing the type of journalism 2021 demands.

payment methods

FACT:

Mother Jones was founded as a nonprofit in 1976 because we knew corporations and the wealthy wouldn't fund the type of hard-hitting journalism we set out to do.

Today, reader support makes up about two-thirds of our budget, allows us to dig deep on stories that matter, and lets us keep our reporting free for everyone. If you value what you get from Mother Jones, please join us with a tax-deductible donation today so we can keep on doing the type of journalism 2021 demands.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate