Back

WFP Cyberattack Exposes Data of 600,000 Gaza Households

Severity: High (Score: 67.0)

Sources: www.thenewhumanitarian.org, Therecord.Media, Bleepingcomputer, En.Yenisafak

Published: 2026-06-04 · Updated: 2026-06-05

Keywords: food, gaza, world, agency, breach, data, recipients

Severity indicators: breach

Summary

The UN's World Food Programme (WFP) reported a cyberattack that compromised personal data of approximately 600,000 households in Gaza. The breach, detected on May 14, involved unauthorized access to the self-registration application used for aid registration, exposing names, ID numbers, phone numbers, and location data. An anonymous whistleblower had warned the WFP of vulnerabilities in the system two days prior to the breach. The WFP has temporarily suspended the registration platform to enhance security measures and is currently investigating the incident. No group has claimed responsibility for the attack, and the WFP continues to monitor the situation. Beneficiaries have been advised to be cautious of potential phishing attempts related to the breach. Key Points: • A cyberattack on WFP exposed data of around 600,000 Gaza households. • The breach involved unauthorized access to the self-registration application for aid. • An anonymous whistleblower warned of vulnerabilities just before the attack occurred.

Detailed Analysis

**Impact** Approximately 600,000 Palestinian households in Gaza were affected by the breach, exposing personal data including names, identification numbers, phone numbers, and residential location details. The compromised data relates to beneficiaries registered in the WFP’s Self-Registration Application used to verify eligibility for food and cash assistance. The incident impacts the humanitarian sector and disrupts aid operations in a conflict-affected region. The WFP has temporarily suspended the registration platform to implement security improvements, but assistance delivery continues as normal. **Technical Details** The attackers gained unauthorized access to the WFP’s Self-Registration Application for Palestine, with the breach occurring on May 14, 2026. An independent expert reported security vulnerabilities in the system two days prior to the incident. No specific malware, CVEs, or attacker groups have been identified or disclosed. The attack appears to have exploited application-level security flaws, but detailed TTPs and IOCs have not been publicly released. **Recommended Response** Defenders should monitor for suspicious access attempts targeting humanitarian aid registration platforms and related infrastructure. Immediate priority should be given to conducting thorough security assessments and patching identified vulnerabilities in self-registration systems. Organizations operating in similar environments should review access controls, enhance monitoring for data exfiltration, and educate beneficiaries to be cautious of phishing attempts impersonating aid agencies. Further updates from WFP investigations should be tracked for actionable IOCs or indicators.

Source articles (4)

  • WFP confirms cyberattack exposed 600,000 Gaza households data — En.Yenisafak · 2026-06-04
    The United Nations World Food Program confirmed that a cyberattack has exposed the sensitive personal information of approximately 600,000 Palestinian households in Gaza, compromising names, identific…
  • UN food agency investigates breach exposing data of Gaza aid recipients — Therecord.Media · 2026-06-04
    In a message sent to aid recipients via Telegram over the weekend, the World Food Programme (WFP) said that "unauthorized parties" had accessed data stored in its self-registration application in Gaza…
  • UN food agency discloses breach affecting 600,000 Gaza households — Bleepingcomputer · 2026-06-04
    The United Nations' World Food Programme (WFP), the world's largest humanitarian organization, revealed over the weekend that its self-registration application (SRA) for Palestine was breached. The WF…
  • United Nations Cyber Attack — www.thenewhumanitarian.org · 2026-06-04

Timeline

  • 2026-05-12 — Whistleblower warns WFP of vulnerabilities: An independent expert alerted WFP about security flaws in the self-registration application two days before the breach.
  • 2026-05-14 — Breach detected in WFP registration application: WFP confirmed unauthorized access to its self-registration application, compromising sensitive data.
  • 2026-05-31 — WFP informs beneficiaries via Telegram: WFP communicated the breach details to aid recipients, advising caution against potential phishing attempts.
  • 2026-06-04 — WFP continues investigation and security enhancements: WFP announced ongoing investigations and security improvements following the breach, with the registration platform still down.

Related entities

  • Data Breach (Attack Type)
  • Ransomware (Attack Type)
  • United Nations (Company)
  • World Food Programme (Company)
  • Italy (Country)
  • Palestine (Country)
  • 8Base (Ransomware Group)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed