The United Nations World Food Programme (WFP) has disclosed a breach of the self-registration app it uses to sign up beneficiaries for food assistance in Gaza. Attackers gained access to the system on May 14, 2026 and exposed records belonging to approximately 600,000 Palestinian households. The stolen data includes full names, national ID numbers, phone numbers, and neighborhood-level location information that people provided when registering for aid.
The WFP says ongoing food deliveries are not affected and beneficiaries do not need to re-register. However, the exposed combination of names, ID numbers, and phone numbers creates real risk: scammers could use it to impersonate WFP staff, demand money, or request personal information. No attacker has been publicly identified.
If you or someone you know is a registered WFP beneficiary in Gaza: be suspicious of any unexpected call, text, or message claiming to be from the World Food Programme, especially if it asks for money, banking details, or a link click. The WFP will never ask for payment to continue receiving assistance.