Current:Home > NewsCyberattack on Red Cross compromised sensitive data on over 515,000 vulnerable people -TradeBridge
Cyberattack on Red Cross compromised sensitive data on over 515,000 vulnerable people
View
Date:2025-04-15 08:31:18
The International Committee of the Red Cross has revealed that hackers have stolen data on over 515,000 "highly vulnerable people," recipients of aid and services from at least 60 affiliates of the charitable organization worldwide.
During the investigation into the extent of the attack, which targeted a contractor in Switzerland that was storing the data, the Red Cross has been forced to temporarily halt a program that reunites families torn apart by violence, migration or other tragedies.
The biggest concern is that the hackers will ransom, leak or sell sensitive information on the families and their locations to bad actors who might seek to cause further harm to victims. The Red Cross says it typically reunites 12 missing people with their families every day, work that will be interrupted for fear of further danger.
The aid organization, known for its role in armed conflicts, on Wednesday pleaded directly with the hackers in a statement to keep the data confidential.
"The real people, the real families behind the information you have now are among the world's least powerful," said Robert Mardini, the ICRC's director-general. "Please do the right thing. Do not sell, leak, or otherwise use this data."
The Red Cross did not immediately attribute the attack to specific cybercriminals, terrorists or nation-state hackers, nor did it provide any information or speculation about potential motivation for the cyberattack on its contractor in Switzerland.
A spokesperson for the ICRC in Washington, D.C., Elizabeth Shaw, told NPR that "there have been no demands" from the hackers in exchange for stolen data, indicating that the breach was likely not a ransomware attack.
The Red Cross has partnered with "highly specialized firms" to help deal with what it's calling a "sophisticated" attack, Shaw said. "Our message is to underscore that real people, real families are behind the data and sharing, selling or using it has the potential to harm," she wrote in an email to NPR.
It's still unclear why the hackers accessed the information, particularly as they haven't communicated any demands. However, vulnerable people can make for ideal targets for other possible scams and extortion, while refugees can become political pawns in broader geopolitical conflicts. Aid organizations could be espionage targets as well. Both the United Nations and the State Department's Agency for International Development were breached in 2021.
The families themselves, already victims of conflict and suffering, will be separated from family members longer periods of time, now fearful that they could be vulnerable to having their personal information exposed. "This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk," Mardini said.
Chris Painter, the president of the Global Forum on Cyber Expertise and the former top cyber diplomat at the State Department, told NPR the breach "highlights the human cost to hacking," rather than simply the financial cost to most companies and organizations that are victims of cyberattacks.
Similar to other sectors, the humanitarian community has benefited from advanced technology to more easily store data and improve response time in crises. However, those organizations don't always have the resources for advanced cybersecurity.
Niel Harper, the chief information security officer for the U.N. Office for Project Services, and Daniel Dobrygowski, the head of governance and trust at the World Economic Forum, wrote a piece earlier this week on why humanitarian organizations need to invest in cybersecurity — and why more well-endowed funders as well as tech companies should shoulder some of the cost. "Donors must view cybersecurity as critical to aid operations," they wrote.
Cybersecurity experts called for an international response to the cyberattack against the Red Cross.
"Exposing data of vulnerable people in the Red Cross database should be urgently addressed by international community and the perpetrators should be brought to justice," wrote Heli Tiirmaa-Klaar, the director of the Digital Society Institute in Berlin in an email to NPR. She previously served as Estonia's ambassador-at-large for cyber diplomacy.
"This is another grim reminder that cyber risks have real world consequences, and should be dealt with utmost care and responsibility," she added.
veryGood! (3)
Related
- John Galliano out at Maison Margiela, capping year of fashion designer musical chairs
- U.S., Mexico ask WHO for emergency declaration over deadly fungal outbreak
- TLC's Jazz Jennings and Gabe Paboga Detail the Beauty and Terror of Being Transgender on TV
- Microsoft president Brad Smith on real concern about Chinese malware targeting critical infrastructure
- This was the average Social Security benefit in 2004, and here's what it is now
- Lala Kent Shares Details on Explosive Vanderpump Rules Reunion Taping
- Denmark and Netherlands to lead F-16 training for Ukrainians
- Brian Austin Green Debuts Blonde Hair During 2023 iHeartRadio Music Awards Date With Sharna Burgess
- Which apps offer encrypted messaging? How to switch and what to know after feds’ warning
- Bear blamed for Italy runner's death in Alps gets reprieve from being euthanized for now
Ranking
- Who's hosting 'Saturday Night Live' tonight? Musical guest, how to watch Dec. 14 episode
- Cardi B and Her Entire Family Have Joined the Cast of the Baby Shark Movie
- Sephora 24-Hour Flash Sale: 50% Off Dermalogica, Urban Decay, Clinique, PMD, and More
- Remains of Indiana soldier killed during World War II identified
- Sarah J. Maas books explained: How to read 'ACOTAR,' 'Throne of Glass' in order.
- 45 bags containing human remains found after 7 young people go missing in western Mexico
- Young Ontario couple killed by landlord over tenancy dispute, police say
- These Iconic Blake Lively and Beyoncé Outfits Are Getting the Royal Treatment at Kensington Palace
Recommendation
South Korea's acting president moves to reassure allies, calm markets after Yoon impeachment
Jennifer Aniston Responds to Claims That Friends Is Offensive
Pope Francis skips scheduled meetings due to a fever, Vatican says
TLC's Chilli Sets the Record Straight on Her Baby and Wedding Plans Amid Matthew Lawrence Romance
Senate begins final push to expand Social Security benefits for millions of people
Large, unexploded WWII bomb forces 2,500 to evacuate in Poland
Prince Harry Slams Royal Institution for Allegedly Withholding Information From Him on Phone Hacking
Doja Cat Claps Back Over Plastic Surgery Confessions