UN World Food Programme breach exposes IDs and locations of ~600,000 Gaza households [SINGLE-SOURCE]

WFP confirmed on 2 June that unauthorised actors accessed its Palestine Self-Registration Application (breach dated 14 May), exposing names, national ID numbers, mobile numbers and location data for roughly 600,000 registered households — described as potentially the largest-ever breach of humanitarian beneficiary data (UpGuard, 2026-06-02). No actor has claimed responsibility and the access vector is undisclosed. Why it matters to us: distinct from a standard PII breach, the ID-plus-precise-location combination creates physical-safety risk for recipients in an active conflict zone — a reminder for Geneva-based international organisations and any agency running citizen-scale registration portals that aid/identity platforms need government-grade identity-system controls (MFA, dedicated monitoring, segmented backups).