“We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” ICRC Director-General Robert Mardini said in a statement.
It’s unclear who was responsible for the cyber incident, but the Red Cross said its “most pressing concern” was the potential for the compromised data to be leaked. There is no indication that has happened yet, according to the Red Cross.
The hack hit a Switzerland-based firm that the Red Cross pays to store its data, the humanitarian organization said without naming the firm. The compromised data came from at least 60 of the “national societies,” or networks of volunteers and staff, around the world that the Red Cross uses as first responders to disasters.
“As a first step, we will work with most concerned ICRC delegations and Red Cross and Red Crescent societies on the ground to find ways to inform individuals and families whose data may have been compromised, what measures are being taken to protect their data and the risks they may possibly face,” Red Cross spokesperson Elizabeth Shaw told CNN in an email.
Lukasz Olejnik, a former cyber warfare adviser at Red Cross headquarters in Geneva, told CNN that the incident “seems to be the biggest and most sensitive breach in history of ICRC and, probably, considering the sensitiveness, of all humanitarian organizations to date.”
Shaw said that ransomware was not involved in the incident and that the Red Cross was working with “highly specialized” cybersecurity firms to respond to the hack.
The Red Cross should consider asking governments that are party to the Geneva Conventions for help in recovering from the hack, Olejnik, who is an independent cybersecurity consultant, told CNN.
Check the latest news about Politics news section for best information related to politics news topic.