The International Committee of the Red Cross has provided insights into a highly sophisticated data breach exposing critical information belonging to more than half a million highly susceptible people.
On January 19, 2022, the ICRC, the Red Cross overseer, confirmed that the cyber-attack was introduced against a Switzerland-based external firm contracted by the Red Cross to store vast amounts of information.
According to ICRC, records accumulated during the cyber breach were collected from about 60 Red Crescent and Red Cross-National Societies.
Overall, about 515,000 people were affected by this breach. And many of these individuals belong to the ‘highly susceptible’ category. This includes those separated from their families because of disasters or conflicts and missing people. In addition, many of them are individuals belonging to detention centres.
“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised. This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk.” This is what Robert Mardini, director-general, ICRC had to say about the attack.
The ICRC, together with the much broader Red Crescent and Red Cross network, runs a program called’ Restoring Family Links’. The program aims to reunite family members separated due to migration, disaster, or conflicts.
Due to the attack, this process of reuniting with family members has slowed down temporarily. “We are taking this breach extremely seriously. We are working closely with our humanitarian partners worldwide to understand the scope of the attack and take the appropriate measures to safeguard our data in the future,” added Mardini.