The medical records of a number of leading U.S athletes have been leaked online. The data came from a hack of the World Anti-Doping Agency and Court of Arbitration for Sport (WADA-CAS).
A group of hackers operating under the name Tsar Team / Fancy Bears successfully hacked WADA’s anti-doping administration and management system (ADAMS) database and stole sensitive data on U.S. athletes. The data have now been uploaded to the hacking group’s website.
While medical data is often stolen for financial gain, the recent WADA-CAS hack appears not to be financially motivated, instead it was the intention of the hackers to gain access to medical data to show that it is not only Russian athletes that are involved in doping. The hackers claim that they stand for” fair play and clean sport.”
On the website, the hackers say they will be posting shocking details of top athletes that have been caught doping and that they will also publish data relating to a number of national Olympics teams. It is claimed that the data will show that a number of medal winners have been using performance-enhancing drugs. “We will start with the U.S. team which has disgraced its name by tainted victories.”
The hackers say on the website “Rio Olympic medalists regularly used illicit strong drugs justified by certificates of approval for therapeutic use. In other words, they just got their licenses for doping.” The post goes on to say, “This is other evidence that WADA and IOC’s Medical and Scientific Department are corrupt and deceitful.”
The hacking group has started by uploading medical files from tennis stars Serena and Venus Williams, gymnastics star Simone Biles, and basketball player, Elena Delle Donne. The hackers tweeted certificates of approval for the therapeutic use of substances such as Prednisone, oxycodone, hydrocortisone, and triamcinolone – All banned substances. Urine test results were also leaked that showed the presence of the stimulant methylphenidate and its metabolite, Ritalinic acid.
The uploaded data has not been verified as being genuine, although WADA has confirmed that it has been the victim of a cyberattack. A statement was issued on the WADA website confirming the data of athletes have been accessed.
The attack was allegedly pulled off by using spear phishing emails which enabled the hackers to obtain login credentials to the ADAMS database. Only data relating to Rio Olympic athletes appears to have been accessed
According to Olivier Niggli, Director General of WADA, “Wada deeply regrets this situation and is very conscious of the threat that it represents to athletes whose confidential information has been divulged through this criminal act.”