Norwegian Refugee Council hit by cyberattack

The Norwegian Refugee Council (NRC) announced Thursday that it recently discovered a cyberattack targeting an online database that stores the personal information of project participants.

The NRC said it immediately suspended the database to protect the data and prevent further attacks. They also launched an external forensic investigation to determine the scope and impact of the cyberattack.

The agency didn’t provide details about the method of attack or who carried it out. The NRC didn't immediately respond to a request for comment.

“Safeguarding the data of our project participants is of paramount importance to us,” the organization said in a statement. “The personal information of vulnerable people in need of humanitarian assistance must never be targeted.”

The NRC, based in Oslo, is a humanitarian non-governmental organization that protects the rights of people affected by displacement. The Norwegian government said it settled more than 32,000 refugees in 2022 — a record number due in part to the war in Ukraine.

This is not the first time hackers have targeted humanitarian organizations. In February, Ukrainian refugees in Poland, Lithuania, and the UK became the target of a disinformation campaign aimed at stealing their personal data.

In January 2022, the International Committee of the Red Cross became the victim of a cyberattack in which hackers stole the data of more than 515,000 extremely vulnerable people, including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention.