Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Red Cross Falls Victim to Massive Cyberattack

The International Committee of the Red Cross was the victim of a massive cyberattack in which hackers seized the data of more than 515,000 extremely vulnerable people, some of whom had fled conflicts, it said on Wednesday.

The International Committee of the Red Cross was the victim of a massive cyberattack in which hackers seized the data of more than 515,000 extremely vulnerable people, some of whom had fled conflicts, it said on Wednesday.

“A sophisticated cyber security attack against computer servers hosting information held by the International Committee of the Red Cross (ICRC) was detected this week,” it said in a statement.

“The attack compromised personal data and confidential information on more than 515,000 highly vulnerable people, including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention.”

The body, which has its headquarters in Geneva, had no immediate indication as to who might have carried out the attack.

It said the hackers targeted an external company in Switzerland that the ICRC contracts to store data. There was no evidence so far that the compromised information had been leaked or put in the public domain.

The ICRC said its “most pressing concern” was the “potential risks that come with this breach — including confidential information being shared publicly — for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families”.

The data originated from at least 60 Red Cross and Red Crescent National Societies around the world.

“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said ICRC director-general, Robert Mardini.

Advertisement. Scroll to continue reading.

“This cyberattack puts vulnerable people, those already in need of humanitarian services, at further risk.”

And he called on those responsible to “do the right thing — do not share, sell, leak or otherwise use this data”.

“Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering,” he added.

As a result of the attack, the ICRC had been forced to shut down the computer systems underpinning its Restoring Family Links programme that seeks to reunite family members separated by conflict, disaster or migration, the statement said.

“We are working as quickly as possible to identify workarounds to continue this vital work,” it added.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Register

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

SAP security firm SecurityBridge announced the appointment of Roman Schubiger as the company’s new CRO.

Cybersecurity training and simulations provider SimSpace has appointed Peter Lee as Chief Executive Officer.

Orchid Security has appointed a new Chief Product Officer and three advisors.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.