The Australian Red Cross has warned its clients they may be affected after its parent company was hit by a major “cyber security incident”.
The Australian branch of the International Committee of the Red Cross (ICRC) said it is contacting clients and reviewing its local systems and services.
This follows the compromising of personal data and confidential information of more than 515,000 ‘highly vulnerable people’ who have been helped by the ICRC.
The Australian branch said there was no indication that any personal information has been deleted or tampered with.
"We have not identified any evidence of any misuse or public disclosure of this data. We are closely monitoring this and will update clients if anything changed," a spokesperson said.
Australian Red Cross said it was notified by the ICRC on 20 January 2022 of a cyber security incident relating to the Red Cross movement’s Restoring Family Links Services and related services.
The spokesperson said while information is still coming to light about the extent of the incident, and its impact on Australian Red Cross data, Australian Red Cross is treating it with the utmost seriousness.
"Red Cross takes data security and safety very seriously, especially the safety of people we help," the spokesperson said. "We are working urgently to understand the extent of the breach and we are committed to taking all necessary steps to understand and mitigate any potential consequences."
Last week, the Geneva-based organisation revealed that it had been hit by a "sophisticated" cyber security attack against computer servers.
The ICRC said that the data originated from at least 60 Red Cross and Red Crescent National Societies around the world and that it remains uncertain if the compromised data has been leaked or publicly shared.