Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Data of ‘highly vulnerable’ war victims compromised in massive Red Cross cyber attack

Compromised data originated from at least 60 Red Cross and Red Crescent National Societies around world

Stuti Mishra
Thursday 20 January 2022 13:06 GMT
Comments
File photo: Robert Mardini, ICRC’s director-general, called on those responsible to ‘do the right thing’
File photo: Robert Mardini, ICRC’s director-general, called on those responsible to ‘do the right thing’ (Martial Trezzini/Keystone via AP)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The International Committee of the Red Cross (ICRC) said it became a victim of a sophisticated cyber security attack this week, and personal details of highly vulnerable people were breached.

The attack compromised the personal data of more than 515,000 “highly vulnerable people”, including “those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention”, the organisation said on Wednesday in a statement.

It added that the target was a contractor used by the Geneva-based organisation to store its data but did not name the company.

The compromised data originated from at least 60 Red Cross and Red Crescent National Societies around the world.

“The ICRC’s most pressing concern following this attack is the potential risks that come with this breach -- including confidential information being shared publicly -- for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families,” the organisation said.

In response, the Red Cross shut down online systems that support a programme that reunites families separated by conflict, migration or disaster, the humanitarian organisation said, adding that it is working at full pace to resume services.

“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said Robert Mardini, ICRC’s director general.

“This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk,” he added.

The organisation said that it had no indication of who the attackers are, but Mr Mardini called on those responsible to “do the right thing” and not share, sell, leak or otherwise use the data.

“Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering,” he said. “We are taking this breach extremely seriously. We are working closely with our humanitarian partners worldwide to understand the scope of the attack and take the appropriate measures to safeguard our data in the future.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in