The servers of the International Association of Athletics Federation, the world governing body for track and field athletes, were compromised by a Russian hacking group, IAAF reported Monday.
The breach occurred on Feb. 21 when an unauthorized user remotely accessed the IAAF network, which contained Therapeutic Use Exemption forms of athletes, officials said. The files were stored on the server and contained information on whether athletes are allowed to use prescriptions.
Cyber incident response firm Context Information Security discovered the breach during a proactive investigation that began in January, according to officials. IAAF worked with Context to remove the attackers from the network, which was successfully completed this weekend.
“It is not known if this information was subsequently stolen from the network, but it does give a strong indication of the attackers’ interest and intent and shows they had access and means to obtain content from this file at will,” officials said in a statement.
The hacking group is known as APT 28 or ‘Fancy Bear’ and were responsible for leaking medical data of Olympic athletes in 2016 following the cyberattack on the World Anti-Doping Agency. The group has also been linked to interference with the 2016 U.S. presidential election.
All athletes who applied for TUES since 2012 could potentially be affected, and IAAF has contacted the athletes.
“Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential,” IAAF President Sebastian Coe said in a statement. "They have our sincerest apologies and our total commitment to continue to do everything in our power to remedy the situation and work with the world’s best organizations to create as safe an environment as we can."
Twitter: @JessiefDavis
