A hacker group called Teampoison published access credentials and e-mails of hundreds of UN workers. A source of the data is not known. Many e-mail belong to United Nations Development Program (UNDP) employees, so it is possible that one of its servers was hacked.
If the data are genuine it shows that UN doesn’t enforce any e-mail protection policy. Passwords were not encrypted, there’s no minimum lenght and some accounts aren’t protected by a password.

source: Heise Online
30.11.2011