adplus-dvertising

Hackers Steal Data On 515,000 People From Red Cross, Hurting Humanitarian Efforts

Hackers Steal Data On 515,000 People From Red Cross, Hurting Humanitarian Efforts

The International Committee of the Red Cross (ICRC) said that it was the victim of a cyberattack on Thursday after hackers made off with sensitive data on half a million people in its systems. Much of this data belonged to people and families it has been working to aid in conflict zones worldwide. 

In a statement, the Red Cross provided details on what was an extensive hacking operation that began with the penetration of a contractor that stored its data in Switzerland. After the initial compromise, the cybercriminals were able to make off with data on 515,000 people receiving assistance from the Red Cross and data belonging to over 60 other nonprofits and charities it collaborated with.

Unlike other high-profile hackings of large corporations or government agencies, this attack laid bare a more human cost to cyber-attacks. According to NPR, the hack forced the Red Cross to temporarily shut down a program that reunites families torn apart by violence, migration or other tragedies. The agency estimates that it assists in work to reunite up to 12 missing persons with their families a day on average, but this has been directly impacted by the breach.


Robert Mardini, the ICRC's director-general, said that the cyber attack put already vulnerable people at further risk. He lamented that the data belonging to missing persons it was looking for in particular only heaped more pain on families, who are suffering in onerous conditions. In a direct plea to the hackers, Mardini implored them not to make the situation even worse for the families they affected by selling or marketing the data they stole. 

The identity of the hackers is currently unknown and any connection to criminal syndicates, transnational groups or nation-states is similarly unclear. What is clear however is the vulnerability of actors in the humanitarian and non-profit sectors to cybercriminals, who opportunistically seek targets they can profit off of by stealing sensitive data.

Lukasz Olejnik, a former cyber warfare adviser at Red Cross headquarters in Geneva, told CNN that the incident "seems to be the biggest and most sensitive breach in the history of ICRC and, probably, considering the sensitiveness, of all humanitarian organizations to date." 

The Red Cross said that it has hired a private security firm to assist it in the aftermath of the hack, but Olejnik told CNN that the agency should consider turning to national governments too for assistance in recovering the data or catching the perpetrators responsible.