Red Cross Hacked - Half A Million Victims At Risk

Uploaded on 2022-01-24 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

The International Committee of the Red Cross (ICRC) has disclosed a cyber attack on its data servers that compromised confidential information on more than half a million vulnerable people. 

The Geneva-based agency announced thet the breach by unknown intruders affected data on more than 515,000 people “including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention”.

Among the stolen data were names, locations, and contact information. The organisation said the data originated from at least 60 Red Cross and Red Crescent National Societies around the world and forced it to shut down systems around its Restoring Family Links programme, which aims to reunite family members separated by conflict, disaster or migration.

The threat actor is currently unidentified. However, it is understood that they executed the attack on a Switzerland-based contractor that stores the non-profit's data. There are no indications that the data has been leaked publicly.
“A sophisticated cyber security attack against computer servers hosting information held by the was detected this week,” it said in a statement. 

The ICRC offered no immediate indication as to who might have carried out the attack, although it did say that the hackers targeted an external company located in Switzerland that the ICRC contracts to store data. The data originated from at least 60 Red Cross and Red Crescent national societies around the world.

There was no evidence so far that the compromised information had been leaked or put in the public domain. The ICRC said its “most pressing concern” was the “potential risks that come with this breach, including confidential information being shared publicly - for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families”.

“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said the ICRC director general, Robert Mardini. "While we don't know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them... Please do the right thing. Do not share, sell, leak or otherwise use this data." An ICRC spokesman, said the organisation had never before experienced a hack of similar scale.

ICRC:      Guardian:   Al Jazeera:    The Register:      Portswigger:     BBC

You Might Also Read: 






 

« NATO & Ukraine Agree Deeper Cyber Co-operation
SAAS Malware Used To Attack Crypto Wallets »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Firebrand

Firebrand

Firebrand is the leader in Accelerated Learning in the field of IT and project management.

Civica

Civica

Civica provides cloud-based managed IT services, hosting and outsourcing.

Cast Software

Cast Software

CAST is a pioneer in Software Analysis and Measurement (SAM) to capture and quantify the reliability and security of business applications.

KoolSpan

KoolSpan

KoolSpan’s security and privacy solutions address the growing threat of loss or theft of intellectual property, information, and proprietary assets.

Global Information Assurance Certification (GIAC)

Global Information Assurance Certification (GIAC)

GIAC provides certification in the knowledge and skills necessary for a practitioner in key areas of computer, information and software security.

S21sec

S21sec

S21sec is a leading European pure play cybersecurity consultancy, services and solutions provider.

Crosscheck Networks

Crosscheck Networks

Crosscheck products allow you to test your APIs across different protocols and message formats with functional automation, performance, and security testing capabilities.

Lirex

Lirex

Lirex offer consulting and outsourcing services, complete design, construction and maintenance of ICT solutions and systems including cybersecurity.

Dathena

Dathena

Dathena is a company developing data governance software based on machine learning algorithms.

Savanti Consulting

Savanti Consulting

Savanti provides practitioner-led cyber security services tailored to meet each organisation’s unique requirements.

CYBAVO

CYBAVO

CYBAVO is a cryptocurrency security company founded by experts from the cryptocurrency and security industries.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

Nicoll Curtin

Nicoll Curtin

Nicoll Curtin is a global company with over 20 years of experience in connecting outstanding talent with industry leading companies within Technology, Change and Cyber Security.

Cybit

Cybit

Cybit is the one-stop-shop for digital transformation that scales in line with your growth.

CyberCure

CyberCure

CyberCure provide specialised roles and services to manage your organisations cybersecurity requirements and professional advisory services in governance, risk and compliance.

Quantum Dice

Quantum Dice

Quantum Dice is an award-winning venture-backed spinout from Oxford University’s world-renowned quantum optics laboratory.