Towards safer digital services: The CTA data breach one year on

Families / Technology & Data
Central Tracing Agency (CTA) / Data Protection

 The International Red Cross and Red Crescent Movement's Restoring Family Links network helps reunite families separated by conflict, disaster, and migration.

02 Sep 2023

Every year, armed conflicts, natural disasters and migration separate countless families. People suffer from the anguish of not knowing where their loved ones are or whether they are even safe.

The International Red Cross and Red Crescent Movement uses its Restoring Family Links (RFL) network to help families look for their loved ones who have gone missing. When we find them, we help them get back in contact with their families, for example by giving migrants access to a telephone or the internet, or by delivering Red Cross messages.

Afghanistan: Family links website reunites mother and son

We also register and monitor the situation of particularly vulnerable people, such as children who have been separated from their families and people being held in detention.

To deliver effective and efficient RFL services, we need to collect and process large amounts of personal data. But in January 2022, the data of more than 500,000 people involved in RFL services worldwide and the data of around 60 National Red Cross or Red Crescent Societies were targeted in a sophisticated cyber-attack.

The people affected included individuals separated from their families because of conflict, migration and natural disaster, missing people and their families, and detainees. The data came from people all around the world who had entrusted their personal information to a humanitarian network whose help they desperately needed. The attack harmed our global network’s ability to locate missing people and reconnect families.

As a security measure, we immediately shut down all the platforms, systems and services that had been breached. This included essential services such as the RFL website (the first entry point for families wanting to contact National Societies to register a missing loved one), TracetheFace (a website that helps migrants and their families reconnect), and Flextranet (the Movement’s intranet, which is used to share information across the RFL network). Case management systems designed for National Societies were also affected.

As a result, National Societies and ICRC delegations could not access any information about the people using RFL services, and the ICRC’s Central Tracing Agency and the RFL network could not share information, guidance and practices through the usual secure channels of communication.

A major global effort was needed to keep the services running while these tools were offline, to rebuild secure systems and support National Societies and ICRC delegations struggling to cope with the consequences of the attack.

During the whole crisis, protecting affected people was the priority and at the heart of the huge task we took on. The RFL network carried out a worldwide assessment of the risks facing the most vulnerable individuals whose data had been breached and how to mitigate those risks.

This went beyond mandatory notification to national data protection authorities to engage with the affected people whose data had been breached directly. In every country affected, the National Society and ICRC staff contacted these people to explain what happened, what the risks were likely to be and what measures had been taken to mitigate these risks.

The data breach has definitely raised awareness among RFL staff about the importance of protecting people by protecting their data and complying with the Code of Conduct on Data Protection.

Despite the major risks facing the Movement as a result of the data breach – affected people and staff possibly put in danger, platforms offline, the Movement’s reputation, etc. – the response was a marked success.