had `` compromisedAttack.Databreachathletes ' Therapeutic Use Exemption ( TUE ) applications stored on IAAF servers . '' However , `` it is not known if this information was subsequently stolenAttack.Databreachfrom the network . '' The Fancy Bear website and Twitter account bore no mention of the hacks Monday morning . TUEs are special exemptions given to athletes that allow them to take otherwise banned substances if they have a specific medical need . A statement on the IAAF website said : `` The presence of unauthorized remote accessAttack.Databreachto the IAAF network by the attackers was noted on 21 February where meta data on athlete TUEs was collectedAttack.Databreachfrom a file server and stored in a newly created file . '' While the IAAF did not know if that data was eventually taken , it said there was “ a strong indication of the attackers ’ interest and intent. ” Fancy Bear was responsible for a hack that targeted the World Anti-Doping Agency ( WADA ) last year , subsequently revealing what it said were TUEs granted to a host of U.S. Olympics stars . NBC News reported details of the suspected hackAttack.Databreachof WADA files in August saying it was part of the same covert influence campaign by Russian President Vladimir Putin 's government to target the U.S. government , political organizations and others and potentially disrupt the November election . U.S. officials have also previously linked Fancy Bear to GRU , the Russian military intelligence agency . However , Russian officials denied playing any role in the various hacks attributed to Fancy Bear . The IAAF said athletes who have applied for TUEs since 2012 have been contacted . It added that it had since carried out a `` complex remediation across all systems and servers in order to remove the attackers ’ access to the network . '' IAAF President Sebastian Coe also weighed in . `` Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential , '' he said . `` They have our sincerest apologies and our total commitment to continue to do everything in our power to remedy the situation and work with the world ’ s best organizations to create as safe an environment as we can . ''
The Fancy Bear hackers , believed to be sponsored by Russia 's main intelligence arm , the GRU , are back at it and have successfully breached the International Association of Athletics Federations . The IAAF is the world governing body for track and field . Just as with the 2016 attacksAttack.Databreachon the World Anti-Doping Agency ( WADA ) , also allegedly perpetratedAttack.Databreachby Kremlin-backed hackers , data on Therapeutic Use Exemption ( TUE ) applications were targeted . TUEs allow athletes to take normally-prohibited substances where they 're required , such as when they suffer from an illness . Sebastian Coe , an Olympic champion and current IAAF president , said the organization apologized to athletes affected by the hack , which dated back to at least February 21 . It was only this weekend , however , that the IAAF and partner organizations carried out a `` complex remediation across all systems and servers in order to remove the attackers ' access to the network , '' according to the official statement . On first inspection , it appeared data on TUEs was collectedAttack.Databreachfrom a file server and stored in a newly created file , though it was n't clear if the information had been takenAttack.Databreachoutside the network . `` Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential , '' said Coe . The IAAF 's contractor , Context Information Security , discovered the breach . The find came after the security firm was asked by the IAAF in January to `` conduct a proactive and thorough technical investigation across its systems , which led to the discovery of a sophisticated intrusion , '' a Context spokesperson told Forbes via email . The company was confident Fancy Bear , also known as APT28 , was responsible . `` The threat intelligence team at Context Information Security has tracked the tools , techniques and procedures of Fancy Bear/APT28 for a number of years , through our own investigations and through collaboration with many other cyber security researchers [ and ] organizations . Our findings in this investigation give us a high degree of confidence that this cyber attack can be attributed to Fancy Bear/APT28 . '' In response to a question about the time it took from discovery in February to throwing the hackers off the network at the start of April , the spokesperson said the parties needed to collect forensic images to `` better understand how the attacks were carried out , what information may have been compromisedAttack.Databreach. '' `` By taking the time to fully investigate the attack , the IAAF was able to remove the attackers ' access to the network as effectively as possible , '' the spokesperson added . If IAAF had gone public with this before the investigation was complete and before the attackers ' access was removed , the attackers may have been tipped off to the investigation and performed further malicious actions . The Facebook page for the WADA hackers , who posted under the pluralized name Fancy Bears , has not been updated since December 2016 . Though the TUEs show athletes legally use normally-banned substances , the Fancy Bear hacks still caused trouble for some athletes . Those affected by last year 's attacks on WADA and the USADA hit huge names across a range of sports , including tennis giants Serena and Venus Williams , and Rafael Nadal , as well as cycling superstar Bradley Wiggins , who continues to contest rumors about Team Sky 's operations . The Fancy Bear group was accused by multiple security companies , the DHS and the FBI of being sponsored by the Russian government and of carrying out the significant breach of the Democratic National Committee ( DNC ) .