Share this article on:
The governing body for a number of different motorsports, including Formula 1, the World Rally Championship, and the World Touring Car Cup, Fédération Internationale de l’Automobile (FIA), has revealed that threat actors breached its systems and gained access to personal data.
In a statement posted to the agency’s website, the FIA said that the threat actors gained unauthorised access through phishing attacks.
“Recent incidents … [have] led to the unauthorised access to personal data contained in two email accounts belonging to the FIA,” said the agency.
“The FIA took all actions to rectify the issues, notably in cutting the illegitimate accesses in a very short time, once it became aware of the incidents and notified the Commission Nationale de l’Informatique et des Libertés (the French data protection regulator), and the Préposé Fédéral à la Protection des Données et à la Transparence (the Swiss data protection regulator).
“The FIA regrets any concern caused to the affected individuals.
“We take our data protection and information security obligations very seriously and continuously review our systems to ensure they are robust, in the context of evolving cyber criminality. The FIA has put additional security measures in place to protect against any future attacks.”
The threat actor behind the FIA breach is currently unknown, nor is there anything to suggest the nature of the incident, such as hacktivism or a ransomware attack.
The FIA has also yet to reveal the date of the incident, what information was potentially accessed and exfiltrated, and how many people were affected by the incident.