The Red Cross was the victim of a cyber attack that would have compromised the data of over 515 thousand “highly vulnerable people”. Cybercriminals targeted an external company in Switzerland tasked with archiving data from at least 60 national Red Cross and Red Crescent societies around the world, the Geneva-based association said.
It is still unclear who was responsible for the data theft, but the organization said its “biggest concern” concerns the possibility that compromised data will be disclosed. The attack forced the Red Cross to block computer systems who run Restoring Family Links, a welfare program that brings together families separated by conflicts, migration and disasters. In fact, more than for reputational damage, the organization is concerned about the risks to which already very fragile people and groups can be victims.
The Director General of the International Committee of the Red Cross Robert Mardini made an appeal asking to “non share, sell, disclose or otherwise use this data “.
Among those interested there are missing individuals and their families, unaccompanied or separated children, detainees and other people who receive services from the Red Cross and Red Crescent Movement due to armed conflict, natural disasters or migration, the organization’s spokespersons said.
Red Cross officials said cyber attacks like this jeopardize the organization’s work and prevent its staff from reuniting people with their families. “Every day, the Red Crescent movement of the Red Cross it helps to bring together twelve people on average to their families “, Mardini said.
“Most cybercriminals steal personal data to resell the information for profit, but what profit they could get illegally appropriating the information of some of the most vulnerable people in the world? “, commented David Masson, director of enterprise security at Darktrace, a company specializing in cyber defense. This attack, according to the expert, “It is an unfortunate, as well as devastating, example of the fact that no individual e no organization is immune from cyber threats”.
The Red Cross said it has not yet received a response from the attackers following the public appeal, while the site of Restoring Family Links remains inactive for maintenance. From what is known at the moment the stolen data has not been disclosed or a ransom has been requested.