Red Cross confirms breach in servers, hackers access over 5 lakh data

A cyberattack on computer servers used by the International Committee of the Red Cross (ICRC) has accessed data of more than 5,15,000 highly vulnerable individuals, including those separated from their families due to conflict and disaster, missing persons and their families and people in detention.  

The data is from about 60 Red Cross and Red Cresent National Societies across the globe.  

"An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised," said Robert Mardini, ICRC's director-general.  

"This cyberattack puts vulnerable people, those already in need of humanitarian services, at further risk."

It is however not yet confirmed about who are behind the attack. The hackers targeted an external company in Switzerland to which ICRC contracts for data storage. 

"While we don't know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them," said Mardini. 

"Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world's least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data."

The ICRC said it is working to identify workarounds to continue the operations.  

"Every day, the Red Cross Red Crescent Movement helps reunite on average 12 missing people with their families. That's a dozen joyful family reunifications every day.  

Cyberattacks like this jeopardise that essential work," Mardini said.  

"We are taking this breach extremely seriously. We are working closely with our humanitarian partners worldwide to understand the scope of the attack and take the appropriate measures to safeguard our data in the future."