International Red Cross hack exposed 515,000 vulnerable people

Hackers targeting the International Committee of the Red Cross (ICRC) stole the personal information of around 515,000 “highly vulnerable” people. 

The ICRC said it had been the victims of a “sophisticated cyber-attack.” The information stolen included confidential information of vulnerable victims of war, missing persons, and detainees around the world. 

“The ICRC's most pressing concern following this attack is the potential risks that come with this breach — including confidential information being shared publicly — for people that the Red Cross and Red Crescent network seeks to protect and assist, as well as their families. When people go missing, the anguish and uncertainty for their families and friends is intense,” said an ICRC statement.

As a result of the cyber-attack, the ICRC was forced to shut down the systems that support a program that reunites families that have been separated by conflict, migration, or disasters. 

The attack targeted an external company in Switzerland that the ICRC used to store data, said the humanitarian organization.  

It remains unclear who carried out the attack. However, the data does not appear to have been leaked yet. ICRC Director-General Robert Mardini pleaded with the attackers to "do the right thing — do not share, sell, leak or otherwise use this data."