The Norwegian Refugee Council (NRC) has announced that it recently experienced a cyberattack on its online database containing the personal information of project participants.
To protect the data and prevent further attacks, the NRC promptly suspended the affected database and initiated an external forensic investigation to assess the extent and impact of the breach. While details regarding the method of attack and the perpetrators remain undisclosed, the NRC emphasized the paramount importance of safeguarding the personal information of vulnerable individuals in need of humanitarian assistance.
The NRC, a humanitarian non-governmental organization based in Oslo, focuses on protecting the rights of people affected by displacement. The Norwegian government settled over 32,000 refugees in 2022, a significant number attributed in part to the conflict in Ukraine.
This incident is not an isolated case, as humanitarian organizations have increasingly become targets of cyberattacks. In a similar attack earlier this year, Ukrainian refugees in Poland, Lithuania, and the UK were subjected to a disinformation campaign aimed at stealing their personal data. In a separate incident, the International Committee of the Red Cross fell victim to a cyberattack, resulting in the theft of sensitive data belonging to more than 515,000 extremely vulnerable individuals, including those separated from their families due to conflict, migration, and disaster.
These incidents highlight the urgent need for enhanced cybersecurity measures and heightened vigilance within the humanitarian sector to safeguard sensitive data and preserve the privacy of those seeking assistance. The protection of personal information is crucial in maintaining the trust and confidence of project participants, especially those already facing challenging circumstances.
It is essential for organizations like the NRC to remain proactive in implementing robust security measures and actively collaborate with relevant authorities to identify and mitigate cyber threats, ensuring the ongoing safety and privacy of those they serve.
