Hacker team that calls itself Fancy Bear has breached into the world governing body for athletics and got access to the medical data.
The attack took place earlier this year, in February, and it is believed that the APT 28 hacking group, that’s commonly known as Fancy Bear, is the one behind it. This time, the group hacked IAAF (International Association of Athletics Federations), but they have become famous after making several other hacks, especially the one against WADA (World Anti-Doping Agency). They took responsibility for the leak of Olympic athlete’s medical files, and are also being suspected to have interfered with the last year’s US elections.
The IAAF attack was detected when metadata concerning athlete’s TUE (Therapeutic Use Exemption) got collected from IAAF servers and placed in a new file. Apparently, this cyber espionage group has gained access to over 80 athlete’s medical files, and the only ones targeted are the ones who have applied to TUE in the last five years. All of the athlete’s whose files were compromised were contacted and given an email address in case they have any questions.
IAAF president Sebastian Coe has stated that the organization’s first priority are the athletes who have trusted IAAF with their information. He said that they believed in the safety of providing the organization with their files, and after apologizing, he also stated that the IAAF will do everything in their power to make the environment safe again.
The attack was originally discovered by Context Information Security, who were doing a technical investigation on IAAF’s systems. The security company said that IAAF immediately understood the gravity of the situation and provided them with every type of assistance that was needed. This reaction allowed the security company to quickly discover and deal with the intrusion. It is their belief that Fancy Bear is to be blamed for the breach.
After the attack was discovered, both the Agence Monégasque de Sécurité Numérique in Monaco and UK’s NCSC (National Cyber Security Centre) were consulted by the IAAF in order to treat their system and remove any point of access to their network that the attackers might have left. NCSC has openly confirmed the cooperation with the IAAF.
NSCC’s spokesperson has said that “We are aware of the cyber incident which the IAAF have made public. The NCSC have been providing assistance at the request of the IAAF. We commend the IAAF’s proactive decision to hire ContextIS, an NCSC approved company to help deal with this cyber attack.”
Even though the Fancy Bear is believed to be behind this attack, the hacking group has not yet claimed any responsibility.