The International Committee of the Red Cross (ICRC) has announcement January 19 that a company hosting his data was the victim of a cyberattack “within the week”. Information on 515,000 people linked to at least 60 national Red Cross and Red Crescent societies was stolen.
This cyberattack could endanger people assisted by the ICRC
Asked by CNN, Lukasz Olejnik, former cybersecurity officer at ICRC headquarters in Geneva, believes that the attack ” seems to be the largest and most sensitive violation in the history of the ICRC and, probably, given the sensitivity, of all humanitarian organizations to date “.
Ukraine: several government websites are victims of a massive cyberattack
According to the ICRC press release, the data recovered concerns “ extremely vulnerable people, including people separated from their families due to conflict, migration or disaster, missing people and their families, and people in detention “.
The ICRC is concerned for the safety of people whose data has been compromised. The director general of the NGO, Robert Mandini, regretted that ” this cyberattack further endangers vulnerable people, those who already need humanitarian services “.
He urged the hackers not to make the recovered information public. The ICRC currently believes that no stolen data appears to have been publicly disclosed.
The Red Cross does not know who is responsible for the hack
The ICRC had to pause systems related to its “restoring family links” programme. The purpose of the latter is to connect people who disappeared during a conflict, a disaster or a migration, with their family.
According to the Red Cross, 12 people benefit from this program every day. The committee said ” We are working as quickly as possible to identify workarounds to continue this vital work. “.
The ICRC specifies that it has no indication, for the time being, of the perpetrators of the cyberattack. He said he was working to understand how such an event could have happened and how to better secure his data in the future.