Red Cross Hit via Third-Party Cyberattack

The incident compromised the personal data and confidential information of more than 515,000 "highly vulnerable people," the Red Cross reports.

Dark Reading Staff, Dark Reading

January 20, 2022

1 Min Read
Dark Reading logo in a gray background | Dark Reading

The International Committee of the Red Cross (ICRC) this week confirmed a cyberattack against servers holding its data has compromised the personal and confidential data of more than 515,000 "highly vulnerable people."

This data came from at least 60 Red Cross and Red Crescent National Societies around the world, officials stated. The attack did not target the ICRC directly but rather an external company in Switzerland the ICRC contracts to store its information. So far there are no immediate signs of who might be responsible.

Due to the attack, officials have shut down the systems underpinning its Restoring Family Links network, affecting their ability to run a program that seeks to reunite family members separated by conflict, disaster, or migration. "We are working as quickly as possible to identify workarounds to continue this vital work," they said.

There is no sign so far indicating the data has been publicly shared. In a statement, officials implore the attackers not to sell, leak, or otherwise use the data. The ICRC's most pressing concern is the potential risk of confidential information being shared and potentially affecting the people the Red Cross and Red Crescent aim to protect, officials stated.

Read the ICRC's full notice for more information.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights