The IAAF said on Monday that it had "suffered a cyber attack which it believes has compromised information about athletes' medical records," according to Brian Homewood of REUTERS. An IAAF statement said that the hacking group known as Fancy Bear "was believed to be behind the attack in February" and that it "targeted information concerning applications by athletics" for Therapeutic Use Exemptions. The IAAF said it had contacted athletes who had applied for TUEs since '12 and its president, Sebastian Coe, apologized. He said in a statement, "Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential. They have our sincerest apologies and our total commitment to continue to do everything in our power to remedy the situation." It was not known "if the information was stolen from the network," the IAAF said, but the incident was "a strong indication of the attackers' interest and intent, and shows they had access and means to obtain content from this file at will" (REUTERS, 4/3). The BBC reported Fancy Bear first hacked the WADA database on Sept. 13 last year and began "revealing athletes' confidential details" and information regarding TUEs -- which let athletes "take prohibited substances if there is a medical need." U.S. Olympic athletes "were targeted in the first hack," before Mo Farah, Helen Glover and Justin Rose were among the British athletes who had their medical files made public by the hackers (BBC, 4/3).
