The International Monetary Fund (IMF) revealed a cyber incident on Friday, acknowledging that unknown attackers breached 11 IMF email accounts earlier this year. This international financial institution, backed by 190 member countries and serving as a significant United Nations financial agency based in Washington, D.C., is currently investigating the incident to assess its impact.
According to a recent press release, the IMF detected the cyber incident in February and is now investigating to determine the extent of the attack. As of now, the IMF has found no evidence suggesting that the attackers gained access to other systems or resources beyond the compromised email accounts.
"The International Monetary Fund (IMF) recently experienced a cyber incident, which was detected on February 16, 2024. A subsequent investigation, with the assistance of independent cybersecurity experts, determined the nature of the breach, and remediation actions were taken," stated the IMF.
The investigation concluded that eleven IMF email accounts were compromised, and immediate measures were taken to secure them. The IMF spokesperson confirmed the use of the Microsoft 365 cloud-based email platform but declined to provide further details regarding the breach due to security concerns.
While the IMF has not linked this incident to recent breaches involving Russian hacking groups targeting Microsoft platforms, including the Midnight Blizzard group associated with the Russian Foreign Intelligence Service (SVR), it remains unclear whether these incidents are connected.
This is not the first time the IMF has faced cybersecurity challenges, as the organization was previously hacked in 2011, prompting significant security measures and precautionary actions. The investigation into the recent incident continues, with the IMF emphasizing its commitment to cybersecurity and ongoing efforts to safeguard its systems and data.