The World Food Program (WFP) has confirmed that a cyberattack exposed sensitive personal information belonging to some 600,000 Palestinian households in Gaza, according to media reports.
WFP is investigating a "security-related incident" after "unauthorized actors" accessed personal information submitted by Palestinians in Gaza, the agency said in a statement sent to aid recipients via Telegram on May 31.
The New Humanitarian, a Geneva-based news portal, reported that the UN food agency has confirmed that a data breach took place on May 14, exposing information including names, ID and mobile numbers, and location data.
"WFP recently detected unauthorized access of its self-registration application (SRA) for Palestine, where individuals are able to register to receive food and cash assistance after verification," a spokesperson said in a statement responding to questions from the news portal.
The UN agency said an investigation is under way, and no party has claimed responsibility.
According to an anonymous whistleblower who contacted The New Humanitarian on May 31, WFP's beneficiary feedback mechanism received a warning from an "independent expert" about vulnerabilities in the SRA two days before the breach.
