Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: gaza (1 article)Clear

UN World Food Programme Gaza registration platform breached - personal data of ~600,000 Palestinian households stolen, phishing warning issued

The UN World Food Programme - the world's largest humanitarian organization - has disclosed that its self-registration application for Palestine, used to register Gaza residents for assistance, was breached. Attackers accessed beneficiaries' names, ID numbers, phone numbers, and location data (including neighborhood information recorded at registration). The WFP says the intrusion occurred May 14 and exposed data for roughly 600,000 Palestinian households in Gaza. It has temporarily suspended the registration platform and stressed that assistance will continue uninterrupted. The agency warned beneficiaries to be wary of anyone claiming to represent the WFP and requesting information or money, and not to click suspicious links - a clear phishing-risk signal.

Check
Humanitarian and NGO operators: review self-registration and beneficiary platforms for exposure. If you work with WFP Gaza data, treat names, IDs, phone numbers, and locations as compromised.
Affected
Roughly 600,000 Palestinian households in Gaza whose WFP registration data (names, ID numbers, phone numbers, locations) was stolen in the May 14 breach. High risk of targeted phishing and fraud.
Fix
Affected beneficiaries: ignore unsolicited WFP-themed requests for information or money and avoid suspicious links. NGOs: harden registration platforms, minimize stored PII, and segment beneficiary databases.