The World Anti-Doping Agency (WADA) confirms that, again 3. Oct., the cyber hacker Group “Fancy Bear” released a batch of confidential athlete data on their website, which they illegally obtained from a Rio 2016 Olympic Games account of WADA’s Anti-Doping Administration and Management System (ADAMS).
This time, the group released Therapeutic-Use Exemption (TUE) data concerning 20 athletes from 14 countries, including: one from Argentina; one from Australia, one from Brazil, one from Canada, one from Colombia, one from Germany, one from France, one from Great Britain, three from Japan, two from New Zealand, two from Sweden, one from Venezuela, one from South Africa and three from the United States.
The athletes are from the sports of Aquatics, Canoe, Cycling, Equestrian, Field Hockey, Gymnastics, Judo, Rowing, Sailing, Table Tennis, Tennis, Triathlon and Weightlifting.
WADA is taking this situation concerning athlete privacy very seriously. The incident response team that WADA have assembled is actively working with law enforcement agencies in Canada and elsewhere, and acting on the intelligence obtained through our investigations to prevent any further intrusions. WADA are also consulting with leading cyber security experts to ensure that no further information is accessed from the broader ADAMS. As we here at ANTI-DOPING WORLD has said before, if WADA has had a 2-steps identifying for their mainusers ( IOC, WADA, IFs, MEOs and NADOs members agencys), this whould not had happend. 2-steps ID-verification is what every user can use for Facebook, Instagram, your e-mail etc without any problem. So this is a huge amateure failur from WADA. Examples of 2-steps verifications: Apple , Microsoft, and Facebook/Instagram/Twitter/Google. See YouTube video: https://youtu.be/qwSASj9EhPc
Fancy Bear obtained access to the Rio 2016 Olympic Games account through spear phishing of ADAMS users’ email accounts through which hackers obtained ADAMS passwords. We still have no reason to believe that they have accessed the broader ADAMS system.
The Agency is in contact with the relevant National Anti-Doping Organizations (NADOs) and International Federations (IFs) whose athletes are impacted by this latest data release so that they can provide them with the necessary support.
Should athletes, or other ADAMS users, have any questions or concerns; or, have encountered suspicious activity in relation to ADAMS such as phishing emails, they are encouraged to contact the helpdesk at firstname.lastname@example.org or on +1 514 904 8800.
WADA wishes to emphasize that TUEs are only granted by IFs, NADOs and Major Event Organizers (MEOs) following a robust review process that is defined in the International Standard for Therapeutic Use Exemptions (ISTUE); and, evaluation by three physicians specialized in sports medicine and/or other relevant specialties. Granted TUEs are subject to further evaluation by the relevant ADOs and WADA. WADA has confidence in the TUE system.
The Agency is committed to providing updates as circumstances evolve.
Olympic triathlon champion Alistair Brownlee became the latest star to have his medical data leaked by Russian computer hackers. Therapeutic use exemption’s (TUE) are effectively a doctor’s note enabling athletes to take medication that would normally be banned by the World Anti-Doping Agency and Brownlee’s was for a two-day course of acetazolamide in 2013. Acetazolamide is used to treat altitude sickness or glaucoma, although some athletes are believed to have used it as a masking agent. “I have had one TUE in my career in October 2013 for Diamox to treat altitude sickness while climbing Kilimanjaro,” Brownlee wrote on Twitter. As with the other 126 athletes whose TUEs have been leaked from WADA’s database by hackers known as the ‘Fancy Bears’, there is no suggestion Brownlee, a four-time world champion, has broken any anti-doping rules.