IAAF falls prey to cyber-crime from world class international hackers with Russian ties
In a statement on April 3 IAAF said that the Fancy Bear hackers group has been linked to the Russian Spy agency that was behind cyber operations that marred the 2016 US election and also the medical records in February
In a statement on April 3 IAAF said that the Fancy Bear hackers group has been linked to the Russian Spy agency that was behind cyber operations that marred the 2016 US election and also the medical records in February.
The hack targeted information concerning applications by athletics for Therapeutic Use Exemptions, the IAAF said.
Athletes who had applied for TUEs since 2012 have been contacted and IAAF president, Sebastian Coe, apologised.
"Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential,” Coe said in the statement. "
Coe also send his sincere apologies to the Olympic fraternity promising total commitment within his powers to remedy the situation.
TUEs are issued by sports federations and national anti-doping organizations to allow athletes to take certain banned substances for verified medical needs.
The IAAF said that data on athlete TUEs was "collected from a file server and stored on a newly created file".
"The attack by Fancy Bear, also known as APT28, was detected during a proactive investigation carried out by cyber incident response (CIR) firm Context Information Security," the IAAF said.
Private security firms and US officials have said Fancy Bear works primarily on behalf of the GRU, Russia's military intelligence agency. Fancy Bear could not be immediately reached for comment.
The group and other Russian hackers were behind the cyber-attacks during the US presidential election last year that were intended to discredit Democratic candidate Hillary Clinton and help Donald Trump, a Republican, win, according to US intelligence agencies. Russia has repeatedly denied the allegations.
It was not known if the information was stolen from the network, the IAAF said, but the incident was "a strong indication of the attackers’ interest and intent, and shows they had access and means to obtain content from this file at will".
The attack was uncovered after British company Context Information Security conducted an investigation of the IAAF's systems at the request of the athletics body.
Last year, Fancy Bear hacked into the World Anti-Doping Agency (WADA) database and published the confidential medical records of several dozen athletes.
The IAAF banned Russia's athletics federation after a WADA commission report found evidence of state-sponsored doping. Almost all Russia's athletes missed the track and field events at the Rio Olympics last year and are likely to also miss the world athletics championships in London in August.