The United Nations World Food Programme (WFP) has disclosed a cybersecurity breach affecting its self-registration application used for aid distribution in Gaza. The attack, which began on May 14, exposed the personal data of beneficiaries across approximately 600,000 Palestinian households. Compromised information includes names, identification numbers, phone numbers, and location details such as neighborhood data recorded during the registration process.
Breach Response and Security Measures
The WFP announced the incident via a Telegram message, stating that the registration platform has been temporarily suspended to implement urgent security improvements. The organization has advised beneficiaries to remain cautious of fraudulent messages and to avoid clicking suspicious links or providing personal information to anyone claiming to represent the WFP. Food and cash assistance programs continue without interruption, and affected individuals do not need to re-register.
Scope and Impact on Humanitarian Operations
This breach is one of several cybersecurity incidents affecting United Nations agencies in recent years, including a previous attack on the UN Development Programme and a data exposure at the UN Environmental Programme. The WFP, which operates the world’s largest humanitarian logistics network with thousands of trucks, ships, and aircraft, has not yet provided a full public accounting of the number of individuals impacted. The organization is actively investigating the incident and monitoring the situation as it works to restore secure operations.
Source: BleepingComputer
