Populations that are affected by natural disasters, conflict, and other crises are among the most vulnerable on earth, and often most in need of humanitarian assistance. With the rise of digital data collection and other digital tools such as biometrics, digital cash transfers, digital wallets, digital medical and academic record apps, and management information systems, humanitarian organizations, including USAID, have routinely started to collect, store, and use large amounts of Personally Identifiable Information (PII) belonging to these vulnerable populations. By gathering more data, humanitarian organizations can better coordinate their response efforts and provide more tailored assistance to individuals. However, dangers arise when this information is gathered and stored without adequate cybersecurity protections. The vulnerability of the people seeking help amid a crisis deepens the impact of cyber attacks in the humanitarian assistance sector, particularly in situations where data can be weaponized to identify and harm specific individuals.