Football’s governing body FIFA is bracing for the release on Friday by a group of European media outlets of a report containing the details of a data breach the sports organization suffered in March 2018.
FIFA has admitted that it suffered the data breach, its second in two years, but has so far declined to publicize what was exposed. Group officials did say a phishing attack was behind the hackers gaining the ability to pry into FIFA’s computer system.
“Hackers are getting ever more creative when it comes to fooling users, and this attack on FIFA is evidence of that. Phishing campaigns are extremely popular and aim to dupe people into giving away personal and financial information, which is why individuals should be vigilant of the links and attachments sent to them,” said Paul Edon, Tripwire’s senior director of technical services.
Although no attribution has been levied in the March attach, the group Football Leaks has been behind other hacks in the past revealing damaging information on football players and FIFA operations, according to the Associated Press.
FIFA’s previous breach took place in 2016 as the result of actions by Russia’s Main Intelligence Directorate (GRU) military intelligence agency. In October a grand jury in the Western District of Pennsylvania handed down the U.S. indictment against the seven Russian defendants, identified as being behind the older breach. In this case spear phishing was used to harvest credentials to give them greater access to their target’s systems.