Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Red Cross Falls Victim to Massive Cyberattack

The International Committee of the Red Cross was the victim of a massive cyberattack in which hackers seized the data of more than 515,000 extremely vulnerable people, some of whom had fled conflicts, it said on Wednesday.

The International Committee of the Red Cross was the victim of a massive cyberattack in which hackers seized the data of more than 515,000 extremely vulnerable people, some of whom had fled conflicts, it said on Wednesday.

“A sophisticated cyber security attack against computer servers hosting information held by the International Committee of the Red Cross (ICRC) was detected this week,” it said in a statement.

“The attack compromised personal data and confidential information on more than 515,000 highly vulnerable people, including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention.”

The body, which has its headquarters in Geneva, had no immediate indication as to who might have carried out the attack.

It said the hackers targeted an external company in Switzerland that the ICRC contracts to store data. There was no evidence so far that the compromised information had been leaked or put in the public domain.

The ICRC said its “most pressing concern” was the “potential risks that come with this breach — including confidential information being shared publicly — for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families”.

The data originated from at least 60 Red Cross and Red Crescent National Societies around the world.

“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said ICRC director-general, Robert Mardini.

“This cyberattack puts vulnerable people, those already in need of humanitarian services, at further risk.”

And he called on those responsible to “do the right thing — do not share, sell, leak or otherwise use this data”.

“Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering,” he added.

As a result of the attack, the ICRC had been forced to shut down the computer systems underpinning its Restoring Family Links programme that seeks to reunite family members separated by conflict, disaster or migration, the statement said.

“We are working as quickly as possible to identify workarounds to continue this vital work,” it added.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

T-Mobile disclosed another massive data breach affecting approximately 37 million customer accounts.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...