Prop gun kills one on set of Alec Baldwin movie iPod at 20: Inventor looks back Moderna booster approved Dune review Uncharted movie trailer PS5 restock tracker

Russian hackers target US athlete information, anti-doping agency says

Hackers leaked medical files on Simone Biles and the Williams sisters.


Serena Williams plays in the womens final of the Sony Open.

Michele Eve Sandberg, Corbis via Getty Images

Who's responsible for a leak of information on US Olympic Athletes? The Russians, according to the World Anti-Doping Agency.

The agency confirmed Tuesday that hackers targeted its employee Yulia Stepanova, stealing her password and accessing a company system that held files for competitors in the 2016 Summer Olympic Games in Rio de Janeiro. The agency said Stepanova was responsible for blowing the whistle on doping in the Russian Olympic team. The doping scandal that ensued led the country's entire track and field team to be banned from the competition.

On a public website, a group calling itself "Fancy Bears' international hack team" says it has posted the records of American gymnast Simone Biles, basketball player Elena Delle Donne, and tennis superstars Venus and Serena Williams.

The World Anti-Doping Agency said in its statement that these hackers are the same group that security researchers refer to as APT28 or Fancy Bear. Cybersecurity company CrowdStrike identified Fancy Bear as one of the groups behind a hacking attack on the Democratic National Committee. The company also suspects the group is affiliated with one of two Russian government agencies.

The World Anti-Doping Agency declined to comment on how it knew the Fancy Bear or APT28 group was responsible for the hack, beyond the similar name.

"WADA deeply regrets this situation and is very conscious of the threat that it represents to athletes whose confidential information has been divulged through this criminal act," said Director General Olivier Niggli in a statement.

Update, 2:32 p.m. PT: Adds that the World Anti-Doping Agency declined to comment on how it knew the APT28 or Fancy Bear group was behind the hack.