A group of hackers calling themselves Anonymous Fancy Bears have claimed to hack the official website of World Anti-Doping Agency and Court of Arbitration for Sport (WADA-CAS) again and leak a trove of sensitive data on their website.
Previously, WADA was hacked on 12th August 2016 resulting in the leak of sensitive data including medical testing results, history, and whereabouts information of Russian Olympics whistleblower Yuliya Stepanova.
As far as the latest hack is concerned, the hackers claim they are part of an International hack team and stand for fair play and clean sport.
The hackers have uploaded the data on their own website. It contains several screenshots of the data allegedly stolen from WADA’s website that shows list and details of American athletes who were allegedly found guilty of using banned athletic performance-enhancing drugs – commonly known as doping.
The list and details leaked by Fancy Bears show names of several high-profile athletes like the gymnast Simone Biles, American basketball star Elena Delle Donne, tennis stars Serena and Venus Williams.
WADA was recently criticized by Russian government after an independent investigation confirmed Russian state manipulation of the doping control process. None of the Russian hackers claimed any responsibility for this attack.
At this moment in time, the hackers did not announce their affiliation with Russia but the Bears themselves needs no reference. It’s, however, too early to say if the data is legit or not. HackRead has contacted WADA’s media team and we are awaiting their response
At the time of publishing; all screenshots along with their downloadable links were available on Fancy Bears’ website.
In an email to Cyber-USA, WADA has confirmed the breach saying that,
“The World Anti-Doping Agency (WADA) confirms that a Russian cyber espionage group operator by the name of Tsar Team (APT28), also known as Fancy Bear, illegally gained access to WADA’s Anti-Doping Administration and Management System (ADAMS) database via an International Olympic Committee (IOC)-created account for the Rio 2016 Games. The group accessed athlete data, including confidential medical data — such as Therapeutic Use Exemptions delivered by International Sports Federations (IFs) and National Anti-Doping Organizations (NADOs) — related to the Rio Games; and, subsequently released some of the data in the public domain, accompanied by the threat that they will release more.”
Click here to go through WADA’s confirmation article.
Previously, Tsar Team (APT28) was blamed for hacking France’s TV5Mondie and running a sophisticated espionage malware campaign on fake EFF website.