UN food agency reveals breach affecting 600,000 households in Gaza

The world’s largest humanitarian group, the United Nations World Meals Program (WFP), revealed over the weekend that Palestine’s self-registration software (SRA) had been compromised.

WFP disclosed the incident in a Telegram message on Sunday, saying a self-registration software used to register assist in Gaza had been compromised.

Throughout this breach, the attackers accessed private knowledge belonging to beneficiaries throughout the Gaza Strip, together with affected people’ names, ID numbers, cellphone numbers, and site data (together with neighborhood knowledge recorded throughout registration).

“There isn’t any must replace, delete or re-register your data. In case you are already registered, you’ll proceed to take part in WFP help applications. Meals, money and different help will proceed as typical and you’ll proceed to obtain help,” the group mentioned. “The Registration Platform (SRA) has been briefly suspended with a purpose to implement pressing safety and system safety enhancements. This system is at present investigating the incident and continues to watch the scenario.”

WFP added in an replace on Tuesday that its registration platform stays briefly suspended whereas it continues to strengthen security measures.

Humanitarian organizations haven’t but launched the variety of people whose knowledge was stolen within the incident, however WFP mentioned in a press release shared with the New Humanitarian newspaper that the attackers breached the system on Might 14 and stole data on roughly 600,000 Palestinian households within the Gaza Strip.

Over the weekend, WFP warned Palestinian beneficiaries to “be cautious of anybody claiming to characterize the World Meals Program and requesting data or cash” and to not click on or open suspicious hyperlinks or messages.

A spokesperson for the World Meals Program didn’t instantly reply to a request for additional remark from BleepingComputer at the moment.

Based in 1961 and headquartered in Rome, Italy, WFP is a United Nations company funded by contributions from governments, companies, and personal donors that fights world starvation and gives emergency meals help throughout humanitarian crises.

With greater than 20,000 employees in additional than 120 nations and territories, WFP operates the biggest humanitarian logistics community on the planet, with 5,000 vehicles, 20 ships and roughly 80 plane offering emergency aid at any given time.

In 2024, we delivered USD 2.82 billion in monetary help and delivered roughly 2.5 million tons of meals to tens of millions of individuals all over the world.

This isn’t the primary knowledge breach to have an effect on UN companies in recent times. For instance, in August 2019, the United Nations itself didn’t disclose the cyberattack that affected its Geneva workplace, and 5 years in the past, the United Nations Setting Program (UNEP) uncovered the personally identifiable data (PII) of greater than 100,000 workers.

Most not too long ago, an 8Base ransomware assault hit the United Nations Growth Program (UNDP) in 2024, with attackers stealing roughly 42,000 information from the United Nations Worldwide Civil Aviation Group (ICAO) recruitment database.