Hackers have stolen sensitive data from more than 515,000 particularly vulnerable people at the International Red Cross. Allegedly, the data is already being offered for sale on a forum. […]
The International Red Cross (ICRC) in Geneva has been the victim of a large-scale cyber attack. According to the organization, personal data and confidential information of more than 515,000 particularly vulnerable people were compromised – including those who were separated from their families due to conflicts, migration and disasters, missing people and their families, as well as detained persons. According to the data, the data comes from at least 60 national Red Cross and Red Crescent societies worldwide.
Robert Mardini, Director General of the ICRC, is shocked by the attack: “We are all horrified and stunned that humanitarian information on the target of such an attack and those affected are exposed to a serious danger.” An attack on the data of people who are missing makes the fear and suffering for the families even harder to bear,” Mardini is quoted as saying.
And he is convinced that the cyber attack endangers both the people who are already dependent on humanitarian aid, as well as the important work of the ICRC. “We take this attack very seriously and are working closely with our humanitarian partners around the world to understand the scale of this attack and to take appropriate measures to protect our data in the future,” the Secretary-General said.
According to the ICRC, it is clear that the cyber attack was directed against an external company in Switzerland that stores data on behalf of the ICRC. But: “So far we do not know who is responsible for this attack or why it was carried out at all,” says Mardini. He now wants to send a message to the hackers: “Their actions only cause more pain and worry among people who have already experienced untold suffering. They are real people and real families whose information they now have in their hands, and they are among the weakest of the weak in the world. Please do the right thing. Do not share, sell, disseminate or use this data, ” he is quoted as saying in the Communiqué.
At the time when the ICRC sent the press release, it allegedly had no evidence that the hacked information had been disseminated or made available to the public. But the worst case could have arrived. As “Inside-IT” reports, the stolen data has apparently been offered for sale on a hacker forum since Thursday afternoon. A user also addresses Robert Mardini directly in a message and asks him to check his e-mails and transfer a certain amount. However, it has not yet been confirmed whether this is actually the data stolen from the ICRC.