Red Cross forced to shutter family reunion service following cyberattack and data leak
Director-general pleads with cyber-scum: leave this data alone, because the people involved have suffered enough
Humanitarian organization the International Red Cross disclosed this week that it has fallen foul of a cyberattack that saw the data of over 515,000 "highly vulnerable people" exposed to an unknown entity.
The target of the attack was the organisation's Restoring Family Links operation, which strives to find missing persons and reunite those separated from their families due to armed conflict, migration, disaster, detention and other catastrophic events. The service is free, but is currently offline.
Among the stolen data were names, locations, and contact information. The org said the data originated from at least 60 Red Cross and Red Crescent National Societies around the world.
The threat actor is currently unidentified. However, it is understood that they executed the attack on a Switzerland-based contractor that stores the nonprofit's data. There are no indications that the data has been leaked publicly.
- COVID-19 was a generational opportunity for change at work – and corporate blew it
- I own that $4.5bn of digi-dosh so rewrite your blockchain and give it to me, Craig Wright tells Bitcoin SV devs
- Ad blockers altering website code is not a copyright violation, German court rules
The Red Cross said the attack jeopardizes its work, and pleaded with the perp not to leak the data.
International Committee Red Cross director-general Robert Mardini addressed the evil-doers: "While we don't know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them:
Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world's least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data.
In the early months of the COVID-19 pandemic, some ransomware-slingers pledged not to target medical organisations because they already had enough on their plate. That détente didn't hold for long – by May 2021, a string of hospitals were hit by ransomware, causing them to postpone surgeries, appointments and more.
Mardini said that on average, when the org isn't under a cyberattack, it reunites 12 missing people with their families a day.
"Because of the attack, we have been obliged to shut down the systems underpinning our Restoring Family Links work, affecting the Red Cross and Red Crescent Movement's ability to reunite separated family members," said the Red Cross in a canned statement. "We are working as quickly as possible to identify workarounds to continue this vital work." ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Privacy Sandbox
- Trusted Platform Module
- Zero trust