A cyberattack on a Red Cross contactor resulted in the theft of personal data for more than 515,000 highly vulnerable people seeking missing families.
The infamous attack was disclosed by the International Committee of the Red Cross (ICRC), which confirmed that the data originated from at least 60 different Red Cross and Red Crescent National Societies worldwide.
Stolen data includes information belonging to individuals separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention.
“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said Robert Mardini, ICRC’s director-general. “This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk.”
The contractor targeted by the attackers is an external company in Switzerland that stores data for the organization. At this time the organization has yet to discover who is behind the attack and the motivation, it has no indication that the compromised information has been leaked.
“While we don’t know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them,” said Mr Mardini. “Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data.”
ICRC shut down the systems and website for the Restoring Family Links program that was hit by the attackers.
“We are working as quickly as possible to identify workarounds to continue this vital work,” it added.
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Red Cross)
[adrotate banner=”5″]
[adrotate banner=”13″]
Signal implements new screen security on Windows 11, blocking screenshots by default to protect user…
Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included…
CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing…
Cellcom, a regional wireless carrier based in Wisconsin (US), announced that a cyberattack is the…
Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals.…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM, MDaemon Email Server, Srimax Output…
This website uses cookies.
