Cyber Attack on Red Cross Data Stings Family Reunification Push, Feds Say
People in war zones and other dangerous areas may not be easily reunited with family members now that a hacker has targeted the International Committee of the Red Cross (ICRC), the U.S. State Department said in a statement Wednesday.
The sophisticated cyber security attack compromised the ICRC's Restoring Family Links service, which helps reunite families separated due to war, violence, natural disasters and other humanitarian crises. Hackers were able to gain access to "names, locations, and contact information" of more than 500,000 people receiving services from the Red Cross and Red Crescent Movement, the ICRC said.
This includes missing individuals and children who had been separated from their parents. The breach has dealt a severe blow to the global humanitarian network's ability to find those in trouble and allow them to rejoin their families.
The hackers also reportedly gained access to information on about 2,000 Red Cross volunteers, as the cyber invasion marks a rare attack on one of the world's most well-known humanitarian organizations.
With nearly 100 million volunteers operating in almost every country in the world, the ICRC is the governing body of the International Red Cross and Red Crescent Movement. Its mission is "to protect the lives and dignity of victims of armed conflict and other situations of violence," according to its website.
Headquartered in Switzerland, Red Cross organizations are often deployed to war-torn areas to provide emergency services and medical aid.
In the United States, the American Red Cross is most well-known for its work following natural disasters, helping displaced Americans in the aftermath of deadly events. It is also notable for its many blood drives held in communities throughout the nation.
As a whole, the ICRC remains one of the most recognized humanitarian groups in the world, and has been awarded three Nobel Peace Prizes.
"For 150 years, the ICRC and the wider Red Cross and Red Crescent Movement have played a unique and essential role in protecting vulnerable populations from the harms of armed conflicts, natural disasters, and other emergencies," State Department spokesperson Ned Price said. "To fulfill that role, the ICRC often does what no one else can—accessing detained persons in conflict zones or crossing frontlines to reach those in need."
Price added that the State Department was concerned that the hack "had real consequences: This cyber incident has harmed the global humanitarian network's ability to locate people and reconnect families."
"This is why it is so vital that humanitarian data be respected and only used for intended purposes," Price continued.
The press release from the State Department follows the announcement from the ICRC that it had fallen victim to the massive hacking effort in late January.
"Servers hosting the personal information of more than 500,000 people receiving services from the Red Cross and Red Crescent Movement were compromised in a sophisticated cyber security attack," the organization said in a statement. "We take this cyber-attack extremely seriously and have been working with our humanitarian partners around the world to understand the scope of the attack and take the appropriate measures to safeguard our data," the organization said in a statement.
The investigation of the massive breach is ongoing. "We have not had any contact with the hackers and no ransom ask has been made," the ICRC said. "We are willing to communicate directly and confidentially with whoever may be responsible for this operation to impress upon them the need to respect our humanitarian action."
Newsweek has reached out to the ICRC and the American Red Cross for comment.
