Wuhan Institute of Virology Data Breach (2020)

The Chinese research laboratory at the centre of a conspiracy theory about the origin of the new coronavirus has been targeted by hackers, according to security watchers. The Wuhan Institute of Virology was among targets including the World Health Organisation whose employees' email addresses and login credentials were leaked and circulated online on Tuesday, the SITE Intelligence Group, which monitors right-wing extremism, said in a report. The information was shared on Telegram channels, Twitter accounts and message board threads, especially those used by far-right extremists. Screen captures of attempts to log in to email accounts using the leaked information were also posted on discussion sites. The Wuhan institute, which is affiliated with the Chinese Academy of Sciences, runs the country's only level-four biosafety laboratory — the highest level that carries out research on the most dangerous pathogens. It is located in the central Chinese city where coronavirus cases were first reported late last year and has been the subject of persistent speculation that the new virus strain was accidentally leaked from the lab, which the institute has denied. The WHO on Thursday confirmed that some 450 active WHO email addresses and passwords were leaked, but said they did not put the global health body's systems at risk because the data was not recent. However, the WHO said the cyberattack had an impact on an older extranet system that was used by current and retired staff as well as partners, and noted an increase in such attacks. "The number of cyberattacks is now more than five times the number directed at the organisation in the same period last year," the WHO said. Victims of the email credentials leak also included the Bill and Melinda Gates Foundation, US Centres for Disease Control and Prevention, World Bank and the National Institutes of Health, the SITE report said. It was not clear who carried out the cyberattacks, but SITE suggested they were aimed at harassing the staff at the organisations and retrieving sensitive Covid-19 information, as they had all been part of conspiracy theories around the pandemic.