For those who don’t trust what they say, members of TeaMp0isoN, the hacker collective that managed to break into the systems of the United Nations Development Programme, leaked an email dated July 12, 2011, obtained from the server in question.
After UNDP representatives claimed that the breached server was old and later taken offline, the hackers published the content of an email sent this summer to someone that was applying for a job within the organization.
“Congratulations! You have been shortlisted for the position of Aid for Trade Policy Specialist /Team Leader, P4. We would like to invite you for a written test which should be conducted during this week. Proposed date: Thursday, 14 July 2011,” reads the body of the email.
Trick, one of the masterminds behind the operation, claims that this is a randomly selected email from the thousands that were sent since 2007 from that specific server.
“Apparently they shut the server down when they had found out it was hacked, yet I just obtained the above email from the cj_batch_messages table in their database server which was meant to be down,” he said.
The whole thing started at the end of November when the hacker collective published more than 500 email addresses, usernames and passwords belonging to UNDP members. In response, the organization told media outlets that the server was outdated and unpatched.
“The UNDP found [the] compromised server and took it offline,” said spokeswoman Sausan Ghosheh at the time. “The server goes back to 2007. There are no active passwords listed for those accounts.”
Since the statement was made, TeaMp0isoN has been coming up with new proof to show that in fact what the UN says is untrue. Now, since the ball is in UNDP’s court, they’ll either come up with a new statement to prove their point, or they’ll really patch up the flaws that allow unrestricted access to their systems.