Cyberattack Targets Red Cross Red Crescent Data

According to a Jan. 19 news release, a cyberattack targeted Red Cross Red Crescent data on 500,000 people.

The release states that “The attack compromised personal data and confidential information on more than 515,000 highly vulnerable people, including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention. The data originated from at least 60 Red Cross and Red Crescent National Societies around the world.”

Further, “The International Committee of the Red Cross’s (ICRC) most pressing concern following this attack is the potential risks that come with this breach—including confidential information being shared publicly—for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families. When people go missing, the anguish and uncertainty for their families and friends is intense.”

The release continues that the ICRC doesn’t have any indication as of right now who carried out the cyberattack that targeted an external company in Switzerland ICRC uses to store data. Additionally, there has not yet been any indication that the compromised data has been leaked.

“The ICRC along with the wider Red Cross and Red Crescent network jointly runs a program called Restoring Family Links that seeks to reunite family members separated by conflict, disaster or migration,” the release continues. “Because of the attack, we have been obliged to shut down the systems underpinning our Restoring Family Links work, affecting the Red Cross and Red Crescent Movement's ability to reunite separated family members. We are working as quickly as possible to identify workarounds to continue this vital work.”

Robert Mardini, ICRC's director-general was quoted in the release saying that "An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised. This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk."