Red Cross data breach - Misplaced Pages

2022 cybersecurity incident

This article's factual accuracy may be compromised due to out-of-date information. Please help update this article to reflect recent events or newly available information. (June 2024)

On 20 January 2022, the International Committee of the Red Cross made an appeal to hackers who had stolen private data, saying they would speak "directly and confidentially" to those responsible for the attack. The hackers had stolen private data on more than 515,000 vulnerable people from at least 60 Red Cross and Red Crescent societies. So far there is no proof that the data has been leaked, but the ICRC said that their gravest concern was the risk posed by exposing the data.

The attack was aimed at a Swiss contractor that stores the data.

The perpetrators have not been identified.

Impact

The ICRC has suspended access to compromised computer systems which are part of the Restoring Family Links programme, which was targeted in the attack. A spokesman said "We will do our utmost to ensure some business continuity and a resumption of services as soon as possible".

References

^ "Red Cross appeals to hackers after major cyberattack". TheJournal.ie. 2022-01-20. Retrieved 2022-01-21.
^ McGowran, Leigh (2022-01-20). "Red Cross cyberattack exposes data of 515,000 'highly vulnerable people'". Silicon Republic. Retrieved 2022-01-21.
^ Dobberstein, Laura (2022-01-20). "Red Cross forced to shutter family reunion service following cyberattack and data leak". The Register. Retrieved 2022-01-21.

External links

Sophisticated cyber-attack targets Red Cross Red Crescent data on 500,000 people - www.icrc.org
Cyberattack on International Committee of the Red Cross - www.redcross.org

Hacking in the 2020s

← 2010s

Timeline

2030s →

Major incidents

2020	BlueLeaks Twitter account hijacking European Medicines Agency data breach Nintendo data leak United States federal government data breach EasyJet data breach Vastaamo data breach
2021	Microsoft Exchange Server breach Ivanti Pulse Connect Secure data breach Colonial Pipeline ransomware attack Health Service Executive ransomware attack Waikato District Health Board ransomware attack JBS S.A. ransomware attack Kaseya VSA ransomware attack Transnet ransomware attack Epik data breach FBI email hack National Rifle Association ransomware attack Banco de Oro hack
2022	Ukraine cyberattacks Red Cross data breach Anonymous and the Russian invasion of Ukraine Viasat hack DDoS attacks on Romania Costa Rican ransomware attack LastPass vault theft Shanghai police database leak Grand Theft Auto VI content leak
2023	Munster Technological University ransomware attack Evide data breach MOVEit data breach Insomniac Games data breach Polish railway cyberattack British Library cyberattack
2024	XZ Utils backdoor Kadokawa and Niconico Change Healthcare ransomware attack Ukrainian cyberattacks against Russia 2024 WazirX hack Trump campaign hack Fur Affinity domain hijacking IRLeaks attack on Iranian banks Internet Archive data breach

Groups

Individuals

Major vulnerabilities
publicly disclosed

SMBGhost (2020)
Thunderspy (2020)
PrintNightmare (2021)
FORCEDENTRY (2021)
Log4Shell (2021)
Account pre-hijacking (2022)
Retbleed (2022)
Downfall (2023)
LogoFAIL (2023)
Reptar (2023)
Terrapin (2023)
GoFetch (2024)
Sinkclose (2024)
SLUBStick (2024)

Malware

2020	Adrozek Drovorub
2021	Predator
2022	Cyclops Blink Pipedream

This crime-related article is a stub. You can help Misplaced Pages by expanding it.

Categories: