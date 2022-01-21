Red Cross is preparing for 90 Columbian refugees to arrive in Levin in June 2020. Palmerston North Red Cross

A massive database storing details of separated families and missing loved ones was exposed to a “highly sophisticated” data breach on January 18.

In a statement, the New Zealand Red Cross (NZRC) said it was informed on January 20 that the extremely sensitive global systems of the Central Tracing Agency (CTA) were hacked.

The CTA is managed by the International Committee of the Red Cross (ICRC), and is a global database used to help in the search for missing people lost to war, disaster and migration.

Three NZRC staff members who use the CTA systems have had to change their passwords as a result of the breach, and the Office of the Privacy Commissioner has been informed.

The NZRC uses the CTA for its Restoring Family Links programme, which tries to help people in New Zealand who have lost contact with someone overseas due to war or disaster.

It is not yet confirmed whether the NZRC specifically was affected by the hack, the Secretary General of the NZRC, Sarah Stuart-Black said.

But if it becomes clear it was affected, clients will be informed, she said.

“Whilst NZRC’s data is housed geographically separate from that of the compromised systems, we are employing effective security to monitor and alert for any suspicious events,” she said in a statement.

“Over the previous 18 months NZRC has implemented a range of enhancements to our ICT systems due to the increasing threat of cyber security attacks.

“The data related to the Restoring Family Links service is hosted separately by ICRC – this data may have been exposed in this event. We are monitoring the situation closely.”

The CTA systems are now offline until the data is considered secure, and the ICRC has hired a specialist firm to help manage the situation.

“To the best of NZRC knowledge at this time, our information has not been tampered with and is intact.”

Stuart-Black says for now, the ICRC is “unsure of the motivations of the attackers,” but that user information and passwords were stolen.

“However there is no evidence yet of operational and personal data being accessed, extracted or manipulated. Without knowing the motives, it is difficult to estimate the potential and likelihood the harm that this breach has caused.”