The WFP Self-Registration Application for Palestine was breached on May 14, 2026, exposing names, national ID numbers, phone numbers, and neighborhood-level geolocation for approximately 600,000 households in an active conflict zone. No CVE is assigned; the system is proprietary. This item is directly relevant to organizations operating humanitarian, NGO, or population registry systems with analogous data profiles, and raises urgent questions about data minimization, disclosure timelines, and physical safety obligations for sensitive population data.