The attack targeted a third-party company based in Switzerland which the Red Cross uses to back up their data.
"While we don't know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them," said Robert Mardini, the Red Cross' Director-General, speaking directly to the threat actors. "Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world's least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data."
According to the Washington Post, the organization was forced to cease work while unable to access their data. While they work reuniting about a dozen families a day, this work has been halted.
The Washington Post goes onto suggest that because details are murky and no one has claimed responsibility, the threat actors may have nation-state backing.
In addition, about 2000 staff and volunteers had their credentials exposed as well.