The International Committee of the Red Cross (ICRC) this week confirmed a cyberattack against servers holding its data has compromised the personal and confidential data of more than 515,000 "highly vulnerable people."
This data came from at least 60 Red Cross and Red Crescent National Societies around the world, officials stated. The attack did not target the ICRC directly but rather an external company in Switzerland the ICRC contracts to store its information. So far there are no immediate signs of who might be responsible.
Due to the attack, officials have shut down the systems underpinning its Restoring Family Links network, affecting their ability to run a program that seeks to reunite family members separated by conflict, disaster, or migration. "We are working as quickly as possible to identify workarounds to continue this vital work," they said.
There is no sign so far indicating the data has been publicly shared. In a statement, officials implore the attackers not to sell, leak, or otherwise use the data. The ICRC's most pressing concern is the potential risk of confidential information being shared and potentially affecting the people the Red Cross and Red Crescent aim to protect, officials stated.
Read the ICRC's full notice for more information.