Montreal: In a press release sent late yesterday, the World Anti-Doping Agency (WADA) has confirmed that the Russian cyber hackers, ‘Fancy Bear’ [aka Tsar Team (APT28)] have leaked another batch of confidential athlete data from WADA’s Anti-Doping Administration and Management System (ADAMS).
A leak which is similar to the one the Agency announced on 13 September, though this time confidential athlete data of 25 athletes, from eight countries is released into the public domain. This set of Athlete data include ten Americans, five German, five British, one Czech, one from Denmark, one Polish, one Romanian, and one Russin athlete.
Earlier, on 13 September, WADA said that the Russian hackers had illegally gained access to ADAMS via an International Olympic Committee (IOC)-created account for the Rio 2016 Games. The access to this account is restricted to the Games, and includes confidential medical data like Therapeutic Use Exemptions delivered by International Sports Federations (IFs) and National Anti-Doping Organizations (NADOs). And it is this Data which is leaked in Public Domain in batches.
Speaking about the situation, Olivier Niggli, the Director General of WADA, said, “WADA is very mindful that this criminal attack, which to date has recklessly exposed personal data of 29 athletes, will be very distressing for the athletes that have been targeted; and, cause apprehension for all athletes that were involved in the Rio 2016 Olympic Games.”
Further said Niggli, “To those athletes that have been impacted, we regret that criminals have attempted to smear your reputations in this way; and, assure you that we are receiving intelligence and advice from the highest level law enforcement and IT security agencies that we are putting into action.”
Adding further, the WADA DG said, “Given this intelligence and advice, WADA has no doubt that these ongoing attacks are being carried out in retaliation against the Agency, and the global anti-doping system, because of our independent Pound and McLaren investigations that exposed state-sponsored doping in Russia.”
Condemning the activities, he said, “We condemn this criminal activity and have asked the Russian Government to do everything in their power to make it stop. Continued cyber-attacks emanating from Russia seriously undermine the work that is being carried out to rebuild a compliant anti-doping program in Russia.”
Concluding with the cyber security system of WADA, he concluded with, “We still believe that access to ADAMS was obtained through spear phishing of email accounts; whereby, ADAMS passwords were obtained enabling access to ADAMS account information confined to the Rio 2016 Games. We have no reason to believe that other ADAMS data has been compromised.”
In a next step to ensuring that the data doesn’t impact many, WADA is reaching out to NADOs and IFs whose athletes are impacted by this new data release so that they can provide them with the necessary support.