The hacker group calling itself Fancy Bears has leaked another batch of athlete medical records stolen from the systems of the World Anti-Doping Agency (WADA). The organization has confirmed the leak and again blamed Russia for the attack on its systems.
Earlier this week, the Fancy Bears group, which claims to be affiliated with the Anonymous hacktivist movement, leaked the Rio Olympics test results and therapeutic use exemptions of several U.S. athletes who they accused of being unjustly allowed by the WADA to use banned substances. The list of affected athletes included gymnast Simone Biles, basketball player Elena Delle Donne, and tennis players Venus and Serena Williams, all of whom have denied any wrongdoing.
The hackers announced on Thursday a new round of leaks targeting a total of 25 athletes from the United States, United Kingdom, Denmark, Russia, Poland, Czech Republic, Romania and Germany.
“The list of doping addicts includes not only the athletes of the top Olympic teams but also those who compete for other countries,” the hackers said in a statement accompanying the leak. “We’ll keep on telling the world about doping in elite sports. Stay tuned for new leaks.”
WADA has confirmed that the leaked files are genuine and pointed out that the information was obtained after hackers accessed the organization’s Anti-Doping Administration and Management System (ADAMS) through compromised credentials obtained via email spear-phishing attacks.
WADA insists that the Russia-linked cyberespionage group known as Fancy Bear, APT28, Pawn Storm, Sednit, Sofacy, Tsar Team and Strontium is behind the cyberattack. The organization reached this conclusion based on information provided by law enforcement and the timing of the attack.
“Given this intelligence and advice [from law enforcement and IT security agencies], WADA has no doubt that these ongoing attacks are being carried out in retaliation against the Agency, and the global anti-doping system, because of our independent Pound and McLaren investigations that exposed state-sponsored doping in Russia,” said Olivier Niggli, director general of WADA. “We condemn this criminal activity and have asked the Russian Government to do everything in their power to make it stop.”
Russia has repeatedly denied any involvement, but officials have complained about the lack of transparency and accused WADA of favoring some countries.
News of the WADA hack emerged in August. At the time, threat intelligence firm ThreatConnect published a blog post detailing the connection between this attack and the Russian threat group APT28.
APT28 is also believed to be responsible for the recent attacks on the U.S. Democratic Party. A hacktivist using the online moniker Guccifer 2.0 took credit for the Democratic Party breach, and while he claims to be a lone wolf from Romania, experts believe it’s just a persona used by Russian intelligence to throw investigators off track.