IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Red Cross "appalled" by data breach targeting 515,000 vulnerable people

The charitable organisation has begged cyber attackers not to leak the data online in emotional plea

The International Committee of the Red Cross (ICRC) has issued a plea to cyber attackers to "do the right thing" and not leak the personal information of more than half a million vulnerable people, following an attack on its systems this week.

Red Cross announced on Wednesday that it became aware of a data breach at one of its Switzerland-based partners managing data storage on behalf of the international charity.

It said personal information on more than 515,000 vulnerable people was compromised as part of the breach, which is said to include details on those separated from families due to conflict, migration, and disaster, and people in detention facilities.

The Red Cross said that individuals that have already experienced "untold suffering" are likely to suffer further as a result of the data breach.

No individual or group has claimed responsibility for the attack at the time of writing, and there is no indication that the compromised data has been distributed online. The Red Cross implored the attackers on Wednesday not to leak, publish, or otherwise share the information related to those affected.

"While we don't know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them," said Robert Mardini, ICRC's director-general. "Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world's least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data."

In an emotionally-charged announcement, Mardini added: "An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised".

The Red Cross Restoring Family Links programme website displayed as being under maintenance following a cyber attack

Red Cross said it has been forced to shut down its systems supporting the Restoring Family Links programme, which is jointly run by Red Cross and Red Crescent. The program aims to reunite family members separated by conflict, disaster, or migration. The website remains down at the time of writing.

Red Cross said it's taking the breach "extremely seriously" and will try to return to reuniting families, which it currently does successfully with an average of 12 cases per day, as soon as it can.

Hackers change tack

In recent years, many cyber attackers have heeded the condemnation from the cyber security community regarding the targeting of non-profit, charitable, and other 'for good' organisations, many of which have excluded these types of targets from their operations.

Related Resource

Your journey to zero trust

What you wish you knew before you started

Image of speaker Dave Gruber in black and white with associated company logos along bottomWatch now

Numerous ransomware gangs have notably made public announcements saying they will not target such organisations. The operators of DoppelPaymer ransomware is one example, as is the Maze ransomware group.

DarkSide, the group responsible for the Colonial Pipeline attack in 2021, also famously said it would not target healthcare organisations and other types it deemed to be morally out of bounds such as schools, non-profits, and public sector bodies.

The moves followed a number of high-profile cyber attacks which were seen as morally reprehensible at the time. For example, the hack on the World Health Organisation at the start of the COVID-19 pandemic was met with universal condemnation, and an infamous hack on a German hospital that led to a patient's death later that year also captured the world's attention for the wrong reasons.

Though not all cyber attackers have adopted such morally acceptable stances on victim targeting. The FIN12 hacking group gained notoriety for actively pursuing targets in the healthcare space and a 2021 Mandiant report indicated nearly a fifth of its targets were in the healthcare industry, many of which operated medical facilities.

"Healthcare is one of the most targeted industries by threat actors according to our data, and it will continue to be one of the most attacked targets in 2022," said Lotem Finkelsteen, head of threat intelligence and research at Check Point Software Technologies to IT Pro. "We are talking about 830 weekly cyber attacks on healthcare organisations in 2021, this is over 71% increase in just one year.

"Hackers show no mercy on healthcare or other such humanitarian targets, and the Red Cross is not alone here. Hacking groups are aware of the sensitivity of this data, and they see them as ‘fast money targets’. Hospitals and healthcare organisations can’t afford to halt operations, as it could literally lead to life or death situations."

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022