Large-scale cyberattack halts Red Cross work reuniting families, exposes confidential data

The entrance of the International Red Cross and Red Crescent Museum, as seen during a press preview of the new permanent exhibition in May 2013. (FABRICE COFFRINI/AFP via Getty Images)

Share

Written by

A cyberattack compromised personal and confidential data on more than half a million people helped by at least 60 Red Cross and Red Crescent organizations around the world, the International Committee of the Red Cross announced Wednesday.

The organization said the exposed information belonged to highly vulnerable groups, including families separated by conflict.

“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said Robert Mardini, ICRC’s director general. “This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk.”

The hack compromised personal data including names, location and contact information of 515,000 individuals served by the group, including children and detainees. Login information for roughly Red Cross and Red Crescent staff and volunteers was also compromised.

ICRC clarified in a statement Jan. 21 that the attack was specifically targeted at its servers, not the Swiss company hosting them. No suspects have been identified yet.

International human rights organizations and nonprofits are popular targets for attackers. The United Nations confirmed in September it was hit earlier in the year by attackers that breached its infrastructure and accessed. The Red Cross has been a strong voice in calling for an end to cyberattacks against health care facilities.

Mardini urged those responsible for the attack to “do the right thing” and “not share, sell, leak or otherwise use this data.” There is currently no indication the data has been shared online.

As a result of the attack, the ICRC temporarily shut down its “Restoring Family Links” program, which helps reunite families separated by conflict, disaster, or migrations. IRIC is “working as quickly as possible to identify workarounds to continue this vital work,” according to a news release.

Updated 1/21/2022: Updated with additional information about the attack.

-In this Story-

cyberattack, data breaches, hacker, Red Cross
TwitterFacebookLinkedInRedditGmail