Cyberattack on ICRC compromises data of 515,000 vulnerable people

ICRC headquarters, Geneva (Credit: ICRC)

A cyberattack against the International Committee of the Red Cross (ICRC) has compromised the personal data of more than 515,000 “highly vulnerable people”, including those separated from their families due to conflict and disaster, the organisation announced on Wednesday. 

It is unclear who was responsible for the attack, but an ICRC spokesperson said the organisation was “willing to communicate directly and confidentially with whoever may be responsible” and put an end to the breach.

Its most pressing concern is that the hacked information remains confidential and is not shared publicly. So far, there is no indication the data has been leaked.

“We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said Robert Mardini, ICRC’s director-general.

The Geneva-based humanitarian organisation provides protection and assistance for victims of war and other situations of violence.

“This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk.” Mardini appealed to the attackers to “do the right thing” and not to sell, share or leak the information.

The attack was carried out against a Swiss-based firm contracted by the ICRC to store its data, which comes from at least 60 Red Cross and Red Crescent National Societies around the world.

As a result of the breach, the organisation has been forced to shut down the IT systems running a programme that helps reunite family members who have been separated by conflict, disaster or migration.

“Every day, the Red Cross Red Crescent Movement helps reunite on average 12 missing people with their families. That’s a dozen joyful family reunifications every day. Cyber-attacks like this jeopardise that essential work,” Mardini said.

“We are taking this breach extremely seriously. We are working closely with our humanitarian partners worldwide to understand the scope of the attack and take the appropriate measures to safeguard our data in the future.”

The ICRC has partnered with “highly specialised firms” to help with the response to the attack and is working with delegations on the ground to contact people whose data may have been compromised, a spokesperson said in an emailed statement to Geneva Solutions.