Cybersecurity researcher Jeremiah Fowler discovered a serious data breach involving the UN Trust Fund to End Violence against Women, revealing over 115,000 sensitive records.
The exposed database, totaling 228 GB, included unencrypted files like financial audits, staff salary information, bank details, and even scanned passports and ID cards.
Among the most concerning were documents labeled as “victim success stories,” with some containing personal accounts, including one from a Chibok schoolgirl kidnapped by Boko Haram in 2014. This data breach could pose serious safety risks to those working with or being assisted by the fund.
Fowler quickly notified the UN’s Information Security team, who acknowledged the breach but redirected the responsibility to UN Women.
While access to the database was restricted following his disclosure, it remains unclear how long the records were exposed or if any unauthorized parties accessed the data.
