Current:Home > FinanceCyberattack on Red Cross compromised sensitive data on over 515,000 vulnerable people -TradeCircle
Cyberattack on Red Cross compromised sensitive data on over 515,000 vulnerable people
View
Date:2025-04-15 21:19:03
The International Committee of the Red Cross has revealed that hackers have stolen data on over 515,000 "highly vulnerable people," recipients of aid and services from at least 60 affiliates of the charitable organization worldwide.
During the investigation into the extent of the attack, which targeted a contractor in Switzerland that was storing the data, the Red Cross has been forced to temporarily halt a program that reunites families torn apart by violence, migration or other tragedies.
The biggest concern is that the hackers will ransom, leak or sell sensitive information on the families and their locations to bad actors who might seek to cause further harm to victims. The Red Cross says it typically reunites 12 missing people with their families every day, work that will be interrupted for fear of further danger.
The aid organization, known for its role in armed conflicts, on Wednesday pleaded directly with the hackers in a statement to keep the data confidential.
"The real people, the real families behind the information you have now are among the world's least powerful," said Robert Mardini, the ICRC's director-general. "Please do the right thing. Do not sell, leak, or otherwise use this data."
The Red Cross did not immediately attribute the attack to specific cybercriminals, terrorists or nation-state hackers, nor did it provide any information or speculation about potential motivation for the cyberattack on its contractor in Switzerland.
A spokesperson for the ICRC in Washington, D.C., Elizabeth Shaw, told NPR that "there have been no demands" from the hackers in exchange for stolen data, indicating that the breach was likely not a ransomware attack.
The Red Cross has partnered with "highly specialized firms" to help deal with what it's calling a "sophisticated" attack, Shaw said. "Our message is to underscore that real people, real families are behind the data and sharing, selling or using it has the potential to harm," she wrote in an email to NPR.
It's still unclear why the hackers accessed the information, particularly as they haven't communicated any demands. However, vulnerable people can make for ideal targets for other possible scams and extortion, while refugees can become political pawns in broader geopolitical conflicts. Aid organizations could be espionage targets as well. Both the United Nations and the State Department's Agency for International Development were breached in 2021.
The families themselves, already victims of conflict and suffering, will be separated from family members longer periods of time, now fearful that they could be vulnerable to having their personal information exposed. "This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk," Mardini said.
Chris Painter, the president of the Global Forum on Cyber Expertise and the former top cyber diplomat at the State Department, told NPR the breach "highlights the human cost to hacking," rather than simply the financial cost to most companies and organizations that are victims of cyberattacks.
Similar to other sectors, the humanitarian community has benefited from advanced technology to more easily store data and improve response time in crises. However, those organizations don't always have the resources for advanced cybersecurity.
Niel Harper, the chief information security officer for the U.N. Office for Project Services, and Daniel Dobrygowski, the head of governance and trust at the World Economic Forum, wrote a piece earlier this week on why humanitarian organizations need to invest in cybersecurity — and why more well-endowed funders as well as tech companies should shoulder some of the cost. "Donors must view cybersecurity as critical to aid operations," they wrote.
Cybersecurity experts called for an international response to the cyberattack against the Red Cross.
"Exposing data of vulnerable people in the Red Cross database should be urgently addressed by international community and the perpetrators should be brought to justice," wrote Heli Tiirmaa-Klaar, the director of the Digital Society Institute in Berlin in an email to NPR. She previously served as Estonia's ambassador-at-large for cyber diplomacy.
"This is another grim reminder that cyber risks have real world consequences, and should be dealt with utmost care and responsibility," she added.
veryGood! (3562)
Related
- The White House is cracking down on overdraft fees
- Tesla evacuates its Germany plant. Musk blames 'eco-terrorists' for suspected arson
- Which Super Tuesday states have uncommitted on the ballot? The protest voting option against Biden is spreading.
- 'Love is Blind' Season 6 finale: When does the last episode come out?
- Travis Hunter, the 2
- OMG! Nordstrom Rack’s Spring Sale Includes up to 70% off Kate Spade, Free People, Madewell, & More
- Court rules Florida’s “stop woke” law restricting business diversity training is unconstitutional
- Kennedy Ryan's new novel, plus 4 other new romances by Black authors
- Friday the 13th luck? 13 past Mega Millions jackpot wins in December. See top 10 lottery prizes
- Teen Mom's Jenelle Evans and Husband David Eason Break Up After 6 Years of Marriage
Ranking
- 'Most Whopper
- Whole Foods Market plans to launch smaller Daily Shops; first to open in New York in 2024
- California votes in its Senate primary race today. Meet the candidates vying for Dianne Feinstein's seat.
- 'Real horsepower': See video of runaway horses galloping down Ohio highway
- Louvre will undergo expansion and restoration project, Macron says
- Get 55% off Fresh Skincare, 68% off Kate Spade Bags, Plus Nab JBL Earbuds for $29 & More Today Only Deals
- Crowded race for Alabama’s new US House district, as Democrats aim to flip seat in November
- A combination Applebee’s-IHOP? Parent company wants to bring dual-brand restaurants to the US
Recommendation
Person accused of accosting Rep. Nancy Mace at Capitol pleads not guilty to assault charge
EAGLEEYE COIN: Cryptocurrency payments, a new trend in the digital economy
New Hampshire man accused of kidnapping children, killing mother held without bail: reports
Regulator proposes capping credit card late fees at $8, latest in Biden campaign against ‘junk fees’
Costco membership growth 'robust,' even amid fee increase: What to know about earnings release
Vermont father pleads guilty to manslaughter in drowning death of 2-year-old son after allegedly fleeing DUI crash
The 2024 Oscars' best original song nominees, cruelly ranked
2 snowmobilers killed in separate avalanches in Washington and Idaho