The attack by FANCY BEAR, also known as APT28, was detected during a proactive investigation carried out by cyber incident response (CIR) firm Context Information Security, who were contacted by IAAF at the beginning of January to undertake a technical investigation across IAAF systems.
Over the past month the IAAF has consulted the UK National Cyber Security Centre (NCSC) and the Agence Monégasque de Sécurité Numérique (Monaco AMSN) and worked with Context to carry out a complex remediation across all systems and servers in order to remove the attackers’ access to the network. This was carried out and completed over the weekend.
Athletes who have applied for TUEs since 2012 have today been contacted and provided with a dedicated email address to contact the IAAF if they have any questions. Any other athlete concerned about their TUE applications should go to askiaaf.org, complete and submit the form and we will respond, wherever possible, within 24 hours.
“Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential,” said IAAF President Sebastian Coe. "They have our sincerest apologies and our total commitment to continue to do everything in our power to remedy the situation and work with the world’s best organisations to create as safe an environment as we can."