According to an announcement from the International Committee of the Red Cross (ICRC), hackers stole the personal data of over 520,000 people.
Victims were registered with the Restoring Family Links, a Red Cross program that reunites families separated by a war, migration, and disasters. Through the program, family members can submit requests for aid to track down their missing loved ones.
The data was stolen from various Red Cross and Red Crescent organizations globally. At this point, it is unknown what type of cyberattack was carried out on their contractor, a Swiss company.
“While we don’t know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them,” said Robert Mardini, ICRC’s director-general.
The International Committee of the Red Cross’ biggest concern is the possible exposure of sensitive information about people who are already suffering from disaster-related conditions. The organization is currently urging the hackers not to use or publish the stolen data.
“An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised. Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data.”
As of now, the ICRC noted that they did not find signs that the data of the affected company was leaked or shared publicly.
The organization then decided to shut down the systems of its program “Restoring Family Links” to investigate the breach.