The Monaco-based International Association of Athletic Federation (IAAF) has been hacked and information concerning individual athlete’s drug-use exemptions has been stolen.
The IAAF said that a Russian hacking group known as Fancy Bears was most likely behind the attack, which took place in February. IAAF President Lord Sebastian Coe has apologised for the attack. Athletes who had applied for Therapeutic Use Exemptions (TUE) from 2012 have been contacted by the international athletics association.
“Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential,” Coe said. “They have our sincerest apologies and our total commitment to continue to do everything in our power to remedy the situation.”
TUEs are issued by sports federations and national anti-doping organisations so that athletes are allowed to take banned substances for verifiable medical needs.
“The attack by Fancy Bears, also known as APT28, was detected during a proactive investigation carried out by cyber incident response firm Context Information Security,” the IAAF said.
This is not the first time that Fancy Bears have struck. Last year they hacked the World Anti-Doping Agency (WADA) database and published the confidential medical records of several dozen athletes.
The IAAF banned Russia after a WADA report published evidence of state-sponsored doping. As a result, Russia was not allowed to take part in the track and field events at last year’s Rio Olympics.