Anonymous Hacked the Data of More Than 1,000 Climate Change Officials

The hacktivist group has leaked private information from hundreds of Paris climate summit delegates.

<a href="http://www.shutterstock.com/pic-248701786/stock-photo-computer-programming-programming-using-laptop-computer-internet-technologies.html?src=kPddgj0tIG8720Enha8gyg-1-40">welcomia</a>/Shutterstock

For indispensable reporting on the coronavirus crisis, the election, and more, subscribe to the Mother Jones Daily newsletter.


This story was originally published by the Guardian and is reproduced here as part of the Climate Desk collaboration.

Hackers have leaked the private login details of nearly 1,415 officials at the UN climate talks in Paris in an apparent act of protest against arrests of activists in the city.

Anonymous, the hacktivist movement, hacked the website of the summit organizers, the UN Framework Convention on Climate Change (UNFCCC), and posted names, phone numbers, usernames, email addresses, and secret questions and answers onto an anonymous publishing site.

Anonymous claimed the attack was an act of protest against the arrest of protesters on a climate march in Paris on Sunday. Climate activists organizing a peaceful protest say that the demonstration was hijacked by a small group of anarchists who clashed with police. All public protests have been banned in the city since a state of emergency was declared after the terror attacks nearly three weeks ago.

Officials whose data has been leaked are from a range of countries including the United Kingdom, Switzerland, Peru, France, and the United States. Employees of the British Council and the Department for Environment, Food and Rural Affairs are among the British officials whose data is now in the public domain.

“For the UNFCCC itself it’s embarrassing,” says Oliver Farnan, security researcher at the Cyber Security Network in Oxford University. “The specific attack that was used [an SQL injection attack] is a well-known vulnerability…To have their entire user database compromised in this way demonstrates a lack of focus on security,” he said.

Farnan also said that the password encryption used by the UNFCCC appeared to be an “old and weak hashing algorithm,” that should have been “phased out.”

However the damage is likely to be limited, and mitigated by changing the passwords on any accounts that use similar passwords.

“Although it’s embarrassing, it’s essential to ensure that their users don’t get compromised in follow on attacks,” Farnan said.

More MotherJones reporting on Climate Desk

DOES IT FEEL LIKE POLITICS IS AT A BREAKING POINT?

Headshot of Editor in Chief of Mother Jones, Clara Jeffery

It sure feels that way to me, and here at Mother Jones, we’ve been thinking a lot about what journalism needs to do differently, and how we can have the biggest impact.

We kept coming back to one word: corruption. Democracy and the rule of law being undermined by those with wealth and power for their own gain. So we're launching an ambitious Mother Jones Corruption Project to do deep, time-intensive reporting on systemic corruption, and asking the MoJo community to help crowdfund it.

We aim to hire, build a team, and give them the time and space needed to understand how we got here and how we might get out. We want to dig into the forces and decisions that have allowed massive conflicts of interest, influence peddling, and win-at-all-costs politics to flourish.

It's unlike anything we've done, and we have seed funding to get started, but we're looking to raise $500,000 from readers by July when we'll be making key budgeting decisions—and the more resources we have by then, the deeper we can dig. If our plan sounds good to you, please help kickstart it with a tax-deductible donation today.

Thanks for reading—whether or not you can pitch in today, or ever, I'm glad you're with us.

Signed by Clara Jeffery

Clara Jeffery, Editor-in-Chief

payment methods

We Recommend

Latest