Exploit: Third Party/Supply Chain
The International Red Cross: Humanitarian Aid Organization
Risk to Business: 1.719 = Severe
The International Committee of the Red Cross has revealed that hackers have stolen data from a Swiss contractor that stores it for them. The stolen data includes information about over 515,000 highly vulnerable people that it has served, recipients of aid and services from at least 60 affiliates of the organization worldwide. The Red Cross says it typically reunites 12 missing people with their families every day through that program. As a result of this cyberattack, The International Red Cross has been forced to temporarily halt a program that reunites families torn apart by violence, migration or other tragedies. A spokesperson for the ICRC told news outlets that there have been no demands from the hackers in exchange for stolen data and that they were working with specialized firms to recover.
Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Once again, a service provider that maintains a large array of records full of PII was hit, gaining cybercriminals a data bonanza.
Source: npr