Fancy Bears hackers use plain old phishing to steal health records

With health records exfiltrated, and spear phishing the modus operandi, there’s plenty the NHS can learn from the WADA hack

The World Anti-Doping Agency has been hacked. More precisely, the WADA Anti-Doping Administration and Management System (ADAMS) database that it operates has been hacked. Why are we, here at Digital Health, telling you this? Because the ADAMS database stores lab test results and, importantly, Therapeutic Use Exemption (TUE) authorisation records for sportsmen and women from across the globe.

It is these health records, for that’s what they are, that have been exfiltrated and are currently in the process of being leaked to the media. Dozens of sporting names, including the likes of Mo Farah, Chris Froome, Sir Bradley Wiggins and Serena Williams, have had details of their TUE records exposed.

This has apparently been done in an attempt to discredit WADA rather than the athletes themselves, most likely in retaliation at the bans levied upon Russian athletes following an investigation into the state-supported manipulation of the doping control process.

Click here to read complete article