The International Association of Athletics Federations (IAAF) has confirmed that its database of Therapeutic Use Exemption (TUE) applications has fallen victim to a suspected cyberattack from the notorious Sednit group.
The attack by the group, also known as Fancy Bear, was detected on February 21st during a ‘proactive investigation’ by Context Information Security, which was requested by the IAAF to examine all of its systems at the start of the year.
The investigation found that metadata on athlete TUEs was being collected by a file server and was then being stored in a freshly-created file.
The IAAF admits it does not know if any information was stolen, but says the perpetrators would have had full access to sensitive data relating to athlete TUEs.
IAAF president Sebastian Coe insisted that despite the incident, securing data information was a top concern.
“OUR FIRST PRIORITY IS TO THE ATHLETES WHO HAVE PROVIDED THE IAAF WITH INFORMATION THAT THEY BELIEVED WOULD BE SECURE AND CONFIDENTIAL.”
He said: “Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential.
“They have our sincerest apologies and our total commitment to continue to do everything in our power to remedy the situation and work with the world’s best organizations to create as safe an environment as we can.”
Sednit is considered to be one of the most notorious groups of cyberattackers operating in the world today. It has already attacked several high-profile organizations.
This has included TV5Monde, a French television network, the German Parliament
And the American Democratic National Committee.
In addition to Fancy Bear, Sednit is also known by other monikers, including APT28, Sofacy, Pawn Storm, STRONTIUM and Tsar Team.
For more information on Sednit, check out ESET’s comprehensive paper, En Route with Sednit.