A Russian hacking group has leaked data of athletes from the World Anti-Doping Agency’s (WADA’s) servers.
The leak of medical records belonging to five British Olympic athletes including Chris Froome and Bradley Wiggins last week has once again brought the issue of personal data security onto the front pages.
The data was illegally accessed from the WADA administration and management system (ADAMS) via a spear phishing attack using an International Olympic Committee-created account for the Rio 2016 Games, WADA has confirmed.
World Anti-Doping Agency’s director general Olivier Niggli said: “WADA is very mindful that this criminal attack, which to date has recklessly exposed personal data of 29 athletes, will be very distressing for the athletes targeted and cause apprehension for all athletes that were involved in the Rio 2016 Olympic Games.”
Since that announcement the head of UK Anti-doping (Ukad) said at least 53 British athletes from the Rio Olympics may be at risk of having their medical details made public.
The leaked data from the medical records has revealed some questionable – although legal – data was released by infamous hacking group, Fancy Bears.
Russian president Vladimir Putin, in light of the results, has called WADA hypocrites, after a number of Russian athletes were banned from The Olympics and all the Russian Paraolympians were banned.
Data breaches have been on a steady increase as more systems have moved online.
This, coupled with increased cyber threat frequency and creativity, has left organisations vulnerable. The WADA hack is the latest, and certainly not the last example of this.
“The leak at WADA shows that, in order to protect sensitive data, companies not only need to adopt a broad mix of security processes, such as secure and managed file transfer systems at a corporate level, but that training needs to be given to individual employees on how to be safe, responsible and vigilant when they go online,” commented Michael Hack, SVP EMEA operations at Ipswitch.