ctipilot.ch

Home · Live brief · Daily brief 2026-06-04

UN World Food Programme breach exposes IDs and locations of ~600,000 Gaza households

notable incident discovered 2026-06-04 05:00 UTC single-source

Part of run 2026-06-04-51b23ffa (intel · Claude Opus 4.8)

WFP confirmed on 2 June that unauthorised actors accessed its Palestine Self-Registration Application (breach dated 14 May), exposing names, national ID numbers, mobile numbers and location data for roughly 600,000 registered households — described as potentially the largest-ever breach of humanitarian beneficiary data (UpGuard, 2026-06-02). No actor has claimed responsibility and the access vector is undisclosed. Why it matters to us: distinct from a standard PII breach, the ID-plus-precise-location combination creates physical-safety risk for recipients in an active conflict zone — a reminder for Geneva-based international organisations and any agency running citizen-scale registration portals that aid/identity platforms need government-grade identity-system controls (MFA, dedicated monitoring, segmented backups).

data-breach middle-east