Red Cross Hacked - Half A Million Victims At Risk

Uploaded on 2022-01-24 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

The International Committee of the Red Cross (ICRC) has disclosed a cyber attack on its data servers that compromised confidential information on more than half a million vulnerable people. 

The Geneva-based agency announced thet the breach by unknown intruders affected data on more than 515,000 people “including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention”.

Among the stolen data were names, locations, and contact information. The organisation said the data originated from at least 60 Red Cross and Red Crescent National Societies around the world and forced it to shut down systems around its Restoring Family Links programme, which aims to reunite family members separated by conflict, disaster or migration.

The threat actor is currently unidentified. However, it is understood that they executed the attack on a Switzerland-based contractor that stores the non-profit's data. There are no indications that the data has been leaked publicly.
“A sophisticated cyber security attack against computer servers hosting information held by the was detected this week,” it said in a statement. 

The ICRC offered no immediate indication as to who might have carried out the attack, although it did say that the hackers targeted an external company located in Switzerland that the ICRC contracts to store data. The data originated from at least 60 Red Cross and Red Crescent national societies around the world.

There was no evidence so far that the compromised information had been leaked or put in the public domain. The ICRC said its “most pressing concern” was the “potential risks that come with this breach, including confidential information being shared publicly - for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families”.

“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said the ICRC director general, Robert Mardini. "While we don't know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them... Please do the right thing. Do not share, sell, leak or otherwise use this data." An ICRC spokesman, said the organisation had never before experienced a hack of similar scale.

ICRC:      Guardian:   Al Jazeera:    The Register:      Portswigger:     BBC

You Might Also Read: 






 

« NATO & Ukraine Agree Deeper Cyber Co-operation
SAAS Malware Used To Attack Crypto Wallets »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DKCERT

DKCERT

DKCERT (Danish Computer Security Incident Response Team) handles security incidents on forskningsnettet, the National Research and Education Network (NREN) in Denmark.

Herjavec Group

Herjavec Group

Herjavec Group's Managed Security Services practice defends your organization from increasingly sophisticated, targeted cybercrime threats.

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

SecuriThings

SecuriThings

SecuriThings is a User and Entity Behavioral Analytics (UEBA) solution for IoT security.

Managed Security Solutions (MSS)

Managed Security Solutions (MSS)

MSS deliver consultancy services and managed security services for IT departments who may lack the time, resources, or expertise themselves.

GeoLang

GeoLang

GeoLang’s Ascema platform protects sensitive information at the content level by identifying, classifying and tracking data across the corporate infrastructure.

CSL Group

CSL Group

CSL solutions provide complete end-to-end connectivity services for Security, Fire, Telecare and other mission critical M2M/IoT applications.

Synectics Solutions

Synectics Solutions

Synectics deliver solutions for reducing risk, combating financial crime, and enabling organisations to meet their compliance and regulatory commitments.

German Israeli Partnership Accelerator (GIPA)

German Israeli Partnership Accelerator (GIPA)

GIPA is based on two pillars: it is an incubator aimed at young academics and a program to transfer cybersecurity expertise to corporate partners.

Accelerator Frankfurt

Accelerator Frankfurt

Accelerator Frankfurt is an independent go-to-market program focused on Fintech, Cybersecurity and Digital B2B startups.

TotalAV

TotalAV

TotalAV Antivirus is a free-to-use app packed with all the essential features to find and remove malware, keeping you safe.

CoreStack

CoreStack

CoreStack helps enterprises overcome cloud challenges such as ever growing security risks, stringent regulatory compliance needs and operational complexities.

Suffescom Solutions

Suffescom Solutions

Suffescom Solutions is a leading blockchain development company, assisting businesses in harnessing the true potential of blockchain technology.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

Aurascape AI

Aurascape AI

Aurascape is working on advanced cybersecurity solutions powered by grounds-up generative AI architecture.

Clutch Security

Clutch Security

Clutch Security are on a mission to secure all Non-Human Identities. Everywhere.