As this vulnerability occurred due to poorly secured git servers containing configuration files that include credentials for other servers, it is a good reminder to carefully control access to any source code repositories, regularly audit the contents of repositories to find any API keys or passwords that should not be in git, and monitor logins and access patterns to detect unauthorized access. WordPress configuration weaknesses are another very common problem that threat actors take advantage of, so Binary Defense recommends taking some of the steps mentioned in this article: https://www.wordfence.com/learn/how-to-harden-wordpress-sites/#securing-your-database including the following:
• Moving your wp-config.php file above your web root, making it inaccessible.
• Ensuring that wp-config.php ends in .php and cannot be viewed by unwanted attackers.
Additionally, Binary Defense recommends employing a 24/7 SOC monitoring solution, such as Binary Defense’s own Security Operations Task Force, to quickly take action if an intrusion is detected on servers or workstations.

Source article: https://www.bleepingcomputer.com/news/security/united-nations-data-breach-exposed-over-100k-unep-staff-records/