Red Cross begs hackers not to leak data of "highly vulnerable people"
The Red Cross has disclosed that it was the victim of a cyber attack and has asked the hackers who broke into the IT network of one of its contractors not to leak the personal information of more than 515,000 of "highly vulnerable people."
The data was stolen from a Red Cross program called Restoring Family Links, which aims to reunite family members separated by conflict, disaster, or migration.
"While we don't know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them," said Robert Mardini, director-general for the International Committee of the Red Cross.
"Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world's least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data," Mardini said.
The Red Cross officials said that cyber-attacks like this one jeopardize the organization's work and prevent its staff from reuniting people with their families.
"Every day, the Red Cross Red Crescent Movement helps reunite on average 12 missing people with their families," Mr. Mardini said, urging the hackers for compassion.
A Red Cross spokesperson told The Record that the hackers stole data such as names, locations, and contact information.
"The people affected include missing people and their families, unaccompanied or separated children, detainees and other people receiving services from the Red Cross and Red Crescent Movement as a result of armed conflict, natural disasters or migration," the organization said in an email.
The Red Cross said it has not yet heard back from the hackers following their public plea earlier today.
The Restoring Family Links website is currently down for maintenance.
Article updated with additional Red Cross statements regarding what type of data was stolen in the attack.
Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.