A Red Cross contractor was recently hacked and the data of 515,000 people who needed Red Cross services was stolen.
In this context, the Red Cross was reduced to essentially pleading with the hackers publicly so that they wouldn’t leak or use the data for these “highly vulnerable people”.
The personal data stolen belonged to half a million people who used a program to reunite with family members separated by conflict, disaster, migration, missing persons and their families, and people in detention, adding undue strain to already suffering individuals.
“Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data,” said Robert Mardini, the director-general of the International Committee for the Red Cross, in the press release pleading with the cyber attackers.
Considering how many bad actors target vulnerable people with scams, it’s likely that this leaked data could have catastrophic implications.
Hackers and other bad actors could pretend to act as the Red Cross and scam vulnerable individuals, steal their identities, blackmail them or even leak their information to malicious individuals in areas of conflict.
“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” Mardini also said.
Neither the Red Cross nor the authorities know at this point who is responsible for the attack or their motivation. Because of this and to further secure their organization, the Red Cross had to shut down the systems responsible for reuniting vulnerable people with their loved ones and are looking for workarounds to continue their work.