Cyberattack on the Italian Red Cross on January 18

On January 18 this year, the Italian Red Cross’s data systems were subjected to a cyberattack, resulting in the theft of personal data and information belonging to over 16,500 individuals. The affected individuals come from various countries and have opened tracing or family reunification cases. 

The data stolen in the attack is part of the International Red Cross and Red Crescent Movement’s Restoring Family Links program (RFL), which spans countries where people have lost contact due to war, conflict, migration, and natural disasters. Portions of the stolen personal data have been published on the internet. This includes names, locations, family details, and other personal information of people who have sought help from the Red Cross and Red Crescent network. 

The Italian Red Cross has now secured all data. The perpetrators of the cyberattack have not yet been identified, and no one has claimed responsibility for the attack. As soon as the attack was discovered, the Italian Red Cross reported the incident to the police and is now cooperating with them to identify the causes and those responsible for this act.

Our Response and Future Actions 

On June 28, the Swedish Red Cross was informed that personal data linked to Swedish cases was among the stolen data. This involves around fifty individuals whose information was shared with the Italian Red Cross. On Monday, July 1, we submitted a report to the Swedish Authority for Privacy Protection (IMY). 

We are working to inform all individuals and their families whose data may have been compromised about the measures being taken to protect their information and the risks they may potentially face. The Swedish Red Cross contacted all affected individuals in Sweden on the 9th of July 2024. 

We deeply regret the incident and condemn this illegal breach of humanitarian data. The Red Cross is always diligent in protecting the information we handle by investing in information security and working with reliable partners who ensure high standards of protection for our systems, including continuous monitoring of suspicious activity. It was thanks to a report from one of these partners that the Italian Red Cross discovered the incident. 

Despite the incident, our work continues to trace individuals reported missing. Every day, 12 people are reunited with their families thanks to the efforts of the Red Cross and Red Crescent. The cyberattack impacts our efforts to trace and reunite families separated by war and conflict. Humanitarian organizations like the Red Cross and Red Crescent have a responsibility to protect information about missing persons. This attack has severely violated this protected space. We urge those with unauthorized access to the information not to share, sell, or leak it further. 

For years, we at the Red Cross, Red Crescent, and ICRC have warned about the increase in cyberattacks on healthcare and have raised our growing concerns about data protection in humanitarian situations. Now we are once again a target of an attack. 

Data systems in Sweden at the Swedish Red Cross are not affected. Individuals in Sweden who have been in contact with us and have consented to the registration of personal data in cases concerning asylum, tracing, family reunification, travel assistance, or attestations of detention are welcome to contact the organization for further information at the following email address: data@redcross.se. You can also contact us on our migration hotline on Wednesdays 09.00-12.00 on 020-415 000.

What happened?
  • In January 2024, the Italian Red Cross system was hacked, and we were informed on the 17th of June 2024 that the personal data of thousands of people had been leaked and that some of it had been published. This included names, locations, and contact information.
  • On June 28, the Swedish Red Cross was informed that personal data linked to Swedish cases was among the stolen data. This involves around fifty individuals whose information was shared with the Italian Red Cross. On Monday, July 1, we submitted a report to the Swedish Authority for Privacy Protection (IMY). 
  • As part of its Restoring Family Links programme, the Italian Red Cross (IRC) shares information with all its Red Cross and Red Crescent partners worldwide and with the International Committee of the Red Cross (ICRC) when they can contribute to preserving family unity. This means that the potential damage of this cybersecurity incident affects thousands of people around the world.
  • We want to stress that not everyone who has engaged with these services and has shared information with us was affected. 
What information was involved?

The cyberattack involved personal information such as names, locations, and contact details of more than 16,500 individuals. Among those affected are missing persons and their families, unaccompanied or separated children, prisoners, and other individuals who receive services from the Red Cross and Red Crescent as a result of armed conflict, natural disasters, or migration.

How many people in Sweden are affected by the breach?

Data from Sweden involves an estimated fifty registered individuals.

Was my personal information affected?
  • We understand that it might sound worrying to hear this news and might raise questions on whether you could be one of the people impacted.
  • Hackers and other unauthorized individuals have illegally accessed personal data that you or your loved ones have shared with the Italian Red Cross or other Red Cross and Red Crescent partners to ask for our humanitarian services, and have published some of it online.
  • You might have provided this information to us when registering for our programs, receiving aid during a natural disaster or armed conflict, requesting our services to find lost relatives, or for other needs. 
  • We are doing everything we can to get in touch directly with those people whose personal data has been affected.
  • We encourage you to reach out to your local Red Cross or Red Crescent society or the International Committee of the Red Cross (ICRC) office in your country if you have any questions. 
What does this mean for me and the help you can provide?
  • We are still here to support you. Our humanitarian services, including the Restoring Family Links services, continue to function and are not affected by this cybersecurity incident.
  • No personal data you may have shared with the Red Cross or Red Crescent Movement has been deleted or lost. This means that we continue to support you in times of crisis and will keep searching for your loved ones, alongside all the other activities we carry out.
What are you doing about the situation?
  • The Italian Red Cross has worked to further secure their systems. Access to the published data and information was shut down. The public links where the leaked data was published are now blocked. Authorities in Italy are actively monitoring the Internet to identify and take down further potential publication of data. See more information from the Italian Red Cross.
  • As per the Italian Red Cross security protocols, investigations are ongoing to learn more about the impact of this cybersecurity incident.
  • The Italian Red Cross and the entire Red Cross and Red Crescent Movement are doing everything possible to inform all the people affected by this breach.
  • The Italian Red Cross has implemented the necessary technical measures to prevent any future security violations of its systems. 
  • We want to reassure you that we stand by you in this very difficult situation. The Red Cross and Red Crescent Movement takes your security very seriously, especially the safety of the people we assist and the protection of their information. We have invested substantially in cybersecurity and work with trusted partners to maintain high standards of data and system protection, including the monitoring of suspicious activities. We are doing everything in our power to fix this and prevent it from happening again.
Should I be concerned?
  • We understand that this might make you feel concerned about your safety. We do not know the motives behind this incident, so it is difficult to be able to estimate the potential harm this could cause, including to you and your loved ones. 
  • The data has been made public for different periods of time. We don’t know who might have accessed it. We are doing everything we can to get in touch directly with those people whose personal data has been affected.
What can I do if I think my personal information was leaked?
  • In Sweden, about fifty people are affected. The affected individuals should have been contacted by the Swedish Red Cross by July 9, 2024. If you are still concerned, you can contact us at data@redcross.se. You can also contact us on our migration hotline on Wednesdays 09.00-12.00 on 020-415 000.
  • The best thing to do right now is to get in contact with us, and we will do our best to answer any questions you might have.
  • In addition to that, there are some simple steps you can take to better protect yourself and your loved ones from some of the consequences of a potential breach of your data. 
  • It’s important to inform your trusted loved ones of what happened. Malicious people can impersonate them. Ask your loved ones to be on the lookout for any unusual phone calls, messages or emails from ill-intentioned people.
  • Be suspicious about phone calls, messages or emails that sound urgent or threatening and try to make you act in certain ways. Malicious people often try to use fear and urgency to force you to take specific or unsafe actions (such as giving away more personal information, making a payment or clicking on unknown links).
  • The Red Cross and Red Crescent Movement will never contact you to ask for an urgent payment or for additional sensitive information on unsecured channels. If you get such a request, please ignore it, and contact your local Red Cross or Red Crescent Society or the ICRC office in your country immediately to let them know. 
  • Try to pay extra attention to the details of the email addresses or phone numbers contacting you. Whenever possible, verify this information on official websites. The contact information of your local Red Cross or Red Crescent Society or the ICRC office in your country is publicly available and can be verified.
  • If you receive any communications that seem concerning to you, we suggest you delete them immediately. Do not click on any of the links, open attachments, or share them with other people. If a message claims to be from the Red Cross or Red Crescent, please inform your local Red Cross or Red Crescent Society or ICRC office in your country immediately.
Can you delete my personal data from your systems?
  • You can request the deletion of your personal data, but please note that in some instances we might not be able to delete your data. 
  • The deletion of your data could take some time as we will need to contact partners with whom your data was shared with your consent (e.g. another NS/ICRC delegation) and request that the partner also erases the data and any copies thereof.
Should I change my contact information?
  • For now, we don’t believe you need to change your contact details, like your mobile number or email address. But we do encourage you to stay alert for any suspicious communications you might receive from people impersonating the Red Cross or Red Crescent. 
  • As always, if you are in doubt or concerned about anything, please contact your local Red Cross or Red Crescent Society or the ICRC office in your own country. We are here to listen to you and to help alleviate your concerns. 
Our message to you

We are sorry for what happened. We know you entrusted us with personal information and details about often traumatic events in your life. This is not a responsibility we take lightly. We will work to earn your trust so we can continue to serve you.