Cyber-attack against Red Cross and Red Crescent targets the data of more than 500,000 people
3 min read
In a press release published on 19 January 2022, the International Rescue Committee (ICRC) said that the confidential information/data of more than 515,000 highly vulnerable persons including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention have been compromised by hackers. The data originated from at least 60 Red Cross and Red Crescent National Societies around the world.
The ICRC says they are more concerned with this attack as it poses a potential risk if the information is shared in public. “The ICRC’s most pressing concern following this attack is the potential risks that come with this breach — including confidential information being shared publicly — for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families. When people go missing, the anguish and uncertainty for their families and friends are intense.”
According to Robert Mardini, ICRC director-general, “An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised…This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk.”
Though the ICRC has no immediate indications as to who carried out this cyber-attack, which targeted an external company in Switzerland the ICRC contracts to store data, ICRC reported that there is not yet any indication that the compromised information has been leaked or shared publicly. Has remarked by Mr Mardini “While we don’t know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them,”
“Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data.”
What type of information was compromised ” The ICRC along with the wider Red Cross and Red Crescent network jointly runs a program called Restoring Family Links that seeks to reunite family members separated by conflict, disaster or migration. Because of the attack, we have been obliged to shut down the systems underpinning our Restoring Family Links work, affecting the Red Cross and Red Crescent Movement’s ability to reunite separated family members. We are working as quickly as possible to identify workarounds to continue this vital work”. “Every day, the Red Cross Red Crescent Movement helps reunite on average 12 missing people with their families. That’s a dozen joyful family reunifications every day. Cyber-attacks like this jeopardise that essential work,” Mr Mardini said. “We are taking this breach extremely seriously.
At the end of the press release, the ICRC assured the public that they are working closely with their humanitarian partners worldwide to understand the scope of the attack and take the appropriate measures to safeguard our data in the future.
Click HERE to read original press release
Berinyuy Cajetan is the founder and publisher of Human Rights and Legal Research Centre (HRLRC) since 2017. He has intensive experience in strategic communications for Civil Society Organizations, campaign and advocacy, and social issues. He has an intensive experiencing in human rights monitoring, documentation and reporting.
