Red Cross cyberattack exposed data on 515,000 vulnerable people

The International Committee of the Red Cross, which is best known for helping victims of war, says hackers broke into servers hosting its data and gained access to personal and confidential information over more than half a -million vulnerable people.

The Geneva-based agency said on Wednesday that the breach by unknown intruders this week affected the data of around 515,000 people “including those separated from their families due to conflict, migration and ‘disaster, missing persons and their families, and those in custody’. He said the information came from at least 60 Red Cross and Red Crescent chapters around the world.

“An attack on the data of missing persons makes the anguish and suffering of families even more difficult to bear,” ICRC director general Robert Mardini said in a statement. “We are all appalled and perplexed that this humanitarian information is being targeted and compromised.”

The ICRC said the breach targeted an external contractor in Switzerland who stores data for the aid organization, and there was no indication the information had been shared publicly or leaked.

Agency spokeswoman Crystal Wells said that while the ICRC cannot say for sure the files were stolen, “we think it’s likely. We know they got into our system and had access to our data”.

Wells said the ICRC did not want to speculate on who might be behind the intrusion.

Addressing the person or people behind the intrusion, Mardini appealed: “The real people, the real families behind the information you have now are some of the least powerful in the world. Please do this. do not share, sell, disclose or otherwise use this data.”

This suggests that the ICRC suspects that the culprits are criminals seeking to profit from the data, for purposes of identity theft, for example.

The ICRC said the breach forced it to shut down systems around its Restoring Family Links program, which aims to reunite family members separated by conflict, disaster or migration.

Ewan Watson, a spokesman for the ICRC, said the organization had never experienced hacking on such a scale before.

Comments are closed.