Multinational impact on more than 500,000 extremely vulnerable people, putting aid programmes for families in war zones at risk. The data of over 500,000 vulnerable people was captured in a cyber attack. The ICRC is asking the hackers not to sell the data.

Initial analysis by the Red Cross with the work of the committee’s dedicated in-house IT staff and third-party cybersecurity firms has determined that data belonging to extremely vulnerable individuals has been compromised, including those engaged in the Restoring Family Links program that assists, separates, and protects families in the throes of armed conflict and disaster.

In terms of size and importance, this attack could have all the makings of the number one attack in the entire history of the International Red Cross. The details of this attack are still unclear, it is assumed to be ransomware, although expert sources close to the Committee tend to exclude this matrix. What is certain instead concerns the dynamics of the attack. It was suffered by a hosting company based in Switzerland, which is a contractor of the Committee of the International Red Cross and therefore guarded its data.

As indicated, the data largely belonged to the Assistance to Families in the Field of War program and belonged to at least 60 National Red Cross and Red Crescent Societies around the world.

The cyberattack jeopardized the work of the Red Cross, which was trying to reunite family members who had been separated by disasters, conflict and migration, he said.

The ICRC has been forced to shut down the systems needed to do that, he said. The organization is trying to find alternative solutions as soon as possible so that work can continue, he said.

According to the ICRC, there is no indication yet that any compromising information has been released to the public. The International Red Cross is working closely with its humanitarian partners around the world to understand the extent of the attack and to take appropriate measures to protect its data in the future.