UNDP Investigates Cyber-Security Incident

April 16, 2024

New York - The United Nations Development Programme (UNDP) recently experienced a cyber-attack, in which local IT infrastructure in UN City, Copenhagen was targeted. 

On March 27, UNDP received a threat intelligence notification that a data-extortion actor had stolen data which included certain human resources and procurement information.

Actions were immediately taken to identify a potential source and contain the affected server as well as to determine the specifics of the exposed data and who was impacted. 

UNDP is currently conducting a thorough assessment of the nature and scope of the cyber-attack, and we have maintained ongoing communication with those affected by the breach so they can take steps to protect their personal information from misuse. Additionally, we are continuing efforts to contact other stakeholders, including informing our partners across the UN system.

UNDP takes this incident extremely seriously and we reiterate our dedication to data security. We are committed to continue working to detect and minimize the risk of cyber-attacks.