The New Humanitarian welcomes new CEO Ebele Okobi.

Find out more.
  1. Home
  2. Global

Comment: Red Cross data hack

‘It’s in many ways the worst-case scenario we’ve been warning about for years.’

The fallout is just beginning after what data privacy researchers say could be the biggest-ever breach of humanitarian data.

The New Humanitarian spoke to Zara Rahman, acting executive director of The Engine Room, a tech and data non-profit, to find out why this huge hack at the International Committee of the Red Cross (ICRC) on 19 January shouldn’t come as a surprise, and what the aid sector needs to do to protect itself — and vulnerable people.

For Rahman, “it’s in many ways the worst-case scenario we’ve been warning about for years now”, but what should perhaps concern us more, she warns, is that it happened at the ICRC, a place considered to have one of the best digital protection practices in the sector.

Watch this short video for her full comment on the hack.

The ICRC said the cyber-attack compromised the data of more than 515,000 of the world’s most vulnerable – including people uprooted by conflict and disasters. The exposed data reportedly includes names, locations, and contact information collected by at least 60 Red Cross and Red Crescent societies around the globe.

The ICRC said it wasn’t clear if the data was shared (though a user on one hackers’ forum claimed to be ransoming it). While the ICRC is urging hackers not to release the data, some analysts also said the group itself should be held accountable: “Humanitarian [organisations] should not get a free pass. They are responsible to safeguard the data they collect,” tweeted Stefan Soesanto, a cybersecurity researcher.

Will this high-profile hack spark long-demanded improvements to information security across the aid sector?

Experts have long urged aid groups to prioritise the issue, but the list of poor practices grows ever longer: unreported breaches, insecure systems, security lapses, ransomware attacks, poor data-handling, questionable partnerships, or simply collecting too much data in the first place.

For a sobering deep dive on these examples and more, check out our ongoing collection of reporting on humanitarian technology.

Share this article

Get the day’s top headlines in your inbox every morning

Starting at just $5 a month, you can become a member of The New Humanitarian and receive our premium newsletter, DAWNS Digest.

DAWNS Digest has been the trusted essential morning read for global aid and foreign policy professionals for more than 10 years.

Government, media, global governance organisations, NGOs, academics, and more subscribe to DAWNS to receive the day’s top global headlines of news and analysis in their inboxes every weekday morning.

It’s the perfect way to start your day.

Become a member of The New Humanitarian today and you’ll automatically be subscribed to DAWNS Digest – free of charge.

Become a member of The New Humanitarian

Support our journalism and become more involved in our community. Help us deliver informative, accessible, independent journalism that you can trust and provides accountability to the millions of people affected by crises worldwide.

Join