A contractor for The International Committee of the Red Cross (ICRC) suffered a data breach, as revealed on Wednesday. Over 515,000 people are affected in the Red Cross and Red Crescent networks. These include those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention.
Red Cross Data Breach: What We Know
A spokesperson for the Red Cross told TechCrunch the data included names, locations, and contact information, along with employee credentials for roughly 2,000 employees and volunteers. Due to the attack the Committee has been forced to shut down the Restoring Family Links network. This segment of the organization helps reunited family members who have been separated by conflict, disaster or migration.
The ICRC has no information on who carried out the attack. It targeted a contracting company located in Switzerland that the Committee uses to store data. It is also unknown that the data has been leaked or shared publicly.
Robert Mardini, ICRC’s director-general, asked the attackers not to share the data:
While we don’t know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them. Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data.
For more information, the ICRC provides the following contact information: