Red Cross cyberattack sees data of thousands at-risk people stolen

Data Breach
Image Credit: Shutterstock (Image credit: Shutterstock)

A supply chain attack has resulted in the data of more than half a million “highly vulnerable people” stolen from Red Cross systems.

A contractor for the Swiss-based International Committee of the Red Cross (ICRC) fell victim to a cyberattack recently, with unknown malicious actors making away with sensitive data on more than 515,000 individuals.

And not just any individuals - people who got separated from their families through conflict, migration, or natural disasters, missing persons and their families, as well as people in detention.

Mystery attack

Initial reports are saying that this was not a ransomware attack, but we don't know if any endpoints were infected with malware, or if a malicious actor compromised the network via a stolen identity.

The data that was stolen came from at least 60 Red Cross and Red Crescent “national societies”, comprising of information on staff, volunteers, first respondents, as well as those affected by various tragedies.

"As a first step, we will work with most concerned ICRC delegations and Red Cross and Red Crescent societies on the ground to find ways to inform individuals and families whose data may have been compromised, what measures are being taken to protect their data and the risks they may possibly face," Red Cross spokesperson Elizabeth Shaw told CNN.

Biggest breach ever

The Red Cross also said it employed a “highly specialized” cybersecurity firm in response.

Speaking to CNN, Lukasz Olejnik, a former cyber warfare adviser at Red Cross headquarters in Geneva, said chances are this is “the biggest and most sensitive breach in the history of ICRC”. Considering the sensitiveness of the data, it could also be the greatest breach “of all humanitarian organizations to date.”

Who would want to target such a cohort, and to what end, is anyone’s guess. Most ransomware operators, for example, have recently announced they would refrain from targeting government institutions, key infrastructure firms, and healthcare institutions, after a counter-offensive by multiple law enforcement agencies, militaries, and intelligence agencies around the world, which took down some of the largest players. 

  • You might also want to check out our list of the best firewalls right now

Via: CNN

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A person's fingers type at a keyboard, with a digital security screen with a lock on it overlaid.
Blood donation firm reveals donor personal data stolen in cyberattack
ID theft
Over a million patients potentially hit after another US healthcare provider hit by cyberattack
Code Skull
Blood donation giant warns of issues following ransomware attack
Data leak
Ransomware attackers leak stolen Rhode Island private info following hack
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Thousands of Rhode Island citizens have data stolen after social services hit by cyberattack
An abstract image of padlocks overlaying a digital background.
US healthcare giant Ascension says ransomware attack affected nearly six million customers
Latest in Security
healthcare
Software bug meant NHS information was potentially “vulnerable to hackers”
A hacker wearing a hoodie sitting at a computer, his face hidden.
Experts warn this critical PHP vulnerability could be set to become a global problem
botnet
YouTubers targeted by blackmail campaign to promote malware on their channels
A close-up of a phone screen showing the Telegram, Signal and WhatsApp apps
Agentic AI has “profound” issues with security and privacy, Signal President says
botnet
Another top security camera maker is seeing devices hijacked into botnet
Bluetooth
Top Bluetooth chip security flaw could put a billion devices at risk worldwide
Latest in News
Xbox Series X
Xbox is reportedly teaming up with a mystery manufacturer to launch a PC gaming handheld this year
Apple's Craig Federighi demonstrates the iPhone Mirroring feature of macOS Sequoia at the Worldwide Developers Conference (WWDC) 2024.
Report: iOS 19 and macOS 16 could mark their biggest design overhaul in years – and we have one request
Google Gemini Calendar
Gemini is coming to Google Calendar, here’s how it will work and how to try it now
Lego Mario Kart – Mario & Standard Kart set on a shelf.
Lego just celebrated Mario Day in the best way possible, with an incredible Mario Kart set that's up for preorder now
TCL QM7K TV on orange background
TCL’s big, bright new mid-range mini-LED TVs have built-in Bang & Olufsen sound
Apple iPhone 16e
Which affordable phone wins the mid-range race: the iPhone 16e, Nothing 3a, or Samsung Galaxy A56? Our latest podcast tells all