The International Association of Athletics Federation ( IAAF) said Monday that it has been a victim of a cyberattack, which it believes has compromised athletes’ Therapeutic Use Exemption (TUE) applications stored on IAAF servers.
The organization attributed the attack to FANCY BEAR, also known as APT28, which it says was discovered during a proactive investigation carried out by cyber incident response (CIR) firm Context Information Security, who were contacted by the organization at the beginning of January to undertake a technical contextinvestigation across IAAF systems.
Meta data on athlete TUEs was collected from a file server and stored in a newly created file, according to IAAF. It is not known if this information was subsequently stolen from the network, but it does give a strong indication of the attackers’ interest and intent, and shows they had access and means to obtain content from this file at will, the organization stated.
Athletes who have applied for TUEs since 2012 have today been contacted and provided with a dedicated email address to contact the IAAF if they have any questions.
“Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential,” said IAAF President Sebastian Coe. “They have our sincerest apologies and our total commitment to continue to do everything in our power to remedy the situation and work with the world’s best organisations to create as safe an environment as we can.”