IMF says February cyberattack involved compromise of 11 email accounts

A cyberattack in February led to the compromise of 11 email accounts at the International Monetary Fund (IMF), the organization said on Friday. 

In a brief statement, the IMF said the cyber incident was detected on February 16. 

“A subsequent investigation, with the assistance of independent cybersecurity experts, determined the nature of the breach, and remediation actions were taken. The investigation determined that eleven (11) IMF email accounts were compromised,” the organization said. 

“The impacted email accounts were re-secured. We have no indication of further compromise beyond these email accounts at this point in time. The investigation into this incident is continuing.”

Reuters reported that none of the email accounts accessed were used by senior leaders of the organization. 

A spokesperson told Recorded Future News: “For security reasons, we cannot disclose further details. We cannot confirm attribution.”

The IMF — a lender made up of 190 member countries — is an international financial institution designed to stabilize economies by providing billions in funding to governments around the world each year.

The organization last dealt with a cybersecurity incident in 2011, when an alleged nation-state actor breached the organization’s systems and spent months rifling through files, according to The New York Times.  

The attack was so significant at the time that the IMF cut all digital connections to the World Bank in an effort to contain the damage. The incident was initially discovered when IT workers found strange file transfers occurring from one computer at the IMF. Emails and other documents were taken, sources told several news outlets at the time.