The International Committee of the Red Cross has informed that it was hit with a cyberattack that compromised the data of 515,000 vulnerable people.
The data concerned came from at least 60 Red Cross and Red Crescent national securities around the globe, related to missing people and families, people separated by conflict, those affected by disasters and people currently in detention. The organization said the most pressing concern is that some of this information that was breached will be made publicly available.
The ICRC had to take drastic action and shut down its support system, Restoring Family Links. This system helps people find relatives or loved ones who have been separated through conflicts, migration, or disasters.
The ICRC could confirm that this wasn’t a ransomware attack, and it’s still not certain if any of the data has appeared somewhere online. The attack is of note seeing that it’s the biggest the organization has faced and tagged as the biggest hack of any humanitarian organization.
Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering, The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data.ICRC Director Statement
Since no information seems to have appeared online and no payment has been asked for, it’s not clear why the attack happened. Mardini said he urges anyone involved in the attack to understand the sensitiveness of the data and refrain from exposing any of it.
This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk. There’s no indication the information has been shared publicly yet, but that’s no guarantee it won’t be in the future.