Breach, Threat Management, Data Security, Threat Management

Fancy Bear accused of stealing IAAF athlete data

Russian APT group Fancy Bear is believed to have struck again, this time compromising the medical data of more than 80 International Association of Athletics Federations (IAAF) athletes.

The attack occurred in February 2017 and was detected when metadata on athletes' Therapeutic Use Exemption (TUE), which details if athletes are allowed to use prescribed medical treatment, was taken from the server, according to ZDNet.  

The attack was discovered by cybersecurity firm Context Information Security and data from athletes who applied for TUEs since 2012 was compromised in the incident. The attack is believed to have been carried out by the same cyberespionage group which claimed responsibility for leaking Olympic athletes' confidential medical files after a breach at the World Anti-Doping Agency last year.

Fancy Bear was also linked to interference in the 2016 U.S. election and has yet to take responsibility for the latest attack.  

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.