The International Committee of the Red Cross (ICRC), better known as simply the Red Cross, is a humanitarian organization providing aid to millions worldwide. Tap or click here for nine essential apps you don’t want to be without in an emergency.
Operating in over 90 countries, the Red Cross is often the first organization on the ground during war, tragedy or natural disasters. To provide sufficient aid where needed, it keeps various records of vulnerable people.
Unfortunately, these records have been the target of a cyberattack. Read on to discover how cybercriminals breached Red Cross’ servers to expose more than half a million people’s data.
Here’s the backstory
The ICRC recently discovered a breach at its central servers, and the criminals made off with precious data. The exact method of the hack isn’t clear. However, it came to light that a contractor for ICRC served as the entry point. The ICRC makes use of external companies to store data.
The highly-sensitive data is a collection of personal information of around 515,000 people. There are now fears that criminals can use it for exploitation.
“The ICRC’s most pressing concern following this attack is the potential risks that come with this breach for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families,” the organization said in a statement.
Who’s impacted by the breach:
- People separated from their families due to conflict, migration and disaster
- Missing persons and their families
- People in detention
- Red Cross staff
- Personal details of volunteers and first respondents
Fortunately, there has been no indication that the stolen data has been made available for sale on the black market or that it has been uploaded to hacker forums. But this shows just how low cybercriminals will sink and steal from any and everyone — even the most vulnerable.
What they are doing about it
The Red Cross has appealed to the hackers to “do the right thing” by not sharing, using or selling any data. The breach has already had a massive impact on Red Cross operations, with the Restoring Family Links program forcing it to shut down.
“Because of the attack, we have been obliged to shut down the systems underpinning our Restoring Family Links work, affecting the Red Cross and Red Crescent Movement’s ability to reunite separated family members,” the Red Cross explained.
A former cyber warfare adviser to the organization told CNN that such an attack on a humanitarian organization is unprecedented, calling it “the biggest and most sensitive breach in the history of ICRC.”
But this attack is, unfortunately, part of a much bigger problem. According to Atlas VPN, over 4 billion accounts were exposed in just the first quarter of last year. The most significant contributor to leaked data was the release of COMB, which collated 3.2 billion accounts.
Americans also appear to be the most targeted in the world. More than 212 million U.S. citizens fell victim to data breaches in 2021.