The organization that oversees Sweden’s national sports federations was hacked by Russian military intelligence in 2017-18, officials said Tuesday, in a data-breaching campaign that also affected some of the world’s leading sporting bodies, including FIFA and the World Anti-Doping Agency.
Swedish prosecutors said the “repeated and comprehensive breaches” of the Swedish Sports Confederation by GRU resulted in athletes’ personal details, such as medical records, being accessed and that information being published by Swedish media.
The hacking was discovered following an investigation by the Swedish Security Service in cooperation with the security services of other countries. But the investigation has been discontinued because “the necessary preconditions for taking legal proceedings abroad or extradition to Sweden are lacking,” public prosecutor Mats Ljungqvist said.
The data breaches were said to have taken place from December 2017 to May 2018. At that time, Sweden was putting together a bid to host the 2026 Winter Olympics.
Among the athletes who had private information accessed was women’s national team soccer player Olivia Schough.
“This is a serious crime against humanity and values where personal information that can be sensitive was spread without the slightest thought about how it can affect individuals,” said Bjorn Eriksson, the chairman of the Swedish Sports Confederation.
Ljungqvist said the data breaches were part of a larger, systematic campaign by Russian hackers against international sports organizations, such as FIFA, WADA, the United States Anti-Doping Agency and the Court of Arbitration for Sport. The United States issued indictments in 2018 for alleged Russian hacking of Olympic and soccer bodies.
The hacking campaign began after Russia’s state-backed doping program was exposed in 2015.