FIFA admits hack and braces for new leaks

March 2018 phishing incident pegged as possible origin of latest hack and subsequent data theft.
Written by Catalin Cimpanu, Contributor

FIFA officials are bracing for new damaging leaks to be published this week after soccer's governing body fell victim to a phishing attack.

FIFA President Gianni Infantino admitted to the new hack while talking to the press after a FIFA Council meeting last week in Kigali, Rwanda.

He said that both FIFA, soccer's global governing entity, but also UEFA, Europe's soccer body, had received hundreds of questions from journalists about subjects only recorded in FIFA confidential documents.

Also: SAP, San Francisco 49ers launch stadium operations platform in U.S.

Officials believe that someone at FIFA fell victim to a phishing attack this March, the New York Times reported on Tuesday.

Hackers are believed to have used this entry point to gain access to confidential data, which they have now leaked to Football Leaks, a website that became famous in late 2015 after it started publishing internal FIFA documents revealing the dirty dealings of the soccer player market. The 2015 leak, believed to have been caused by insiders, led to the firing of many FIFA officials and the prosecution of soccer superstars such as footballer Cristiano Ronaldo and coach Jose Mourinho.

The Football Leaks organization has already shared some of the files obtained from the recent hack with news agencies part of the European Investigative Collaborations (EIC), which said it plans to publish the new revelations starting this Friday, November 2.

In a statement released to the Associated Press and other news organizations, FIFA said it was "concerned by the fact that some information has been obtained illegally," and that it "condemns any attempts to compromise the confidentiality, integrity and availability of data in any organisation using unlawful practices."

FIFA breached by Kremlin hackers in 2017

This is the second major hack in FIFA's history. Officers part of Russia's Main Intelligence Directorate (GRU), the military intelligence agency of Russia's armed forces, also breached FIFA's IT systems in 2017.

Hackers stole and made public information about 150 failed drug tests and soccer players that were allowed to take drugs for medical conditions --known as therapeutic use exemptions (TUEs).

Also: The case for business model innovation: A sports story

While names of players who failed drug tests were never published, hackers did publish names of players who received TUEs, which included big names such as Dirk Kuyt, Juan Sebastián Verón, and Carlos Tevez.

The group operated online under the monicker of Fancy Bears. The US charged seven Russian nationals believed to be behind the Fancy Bears hacks on FIFA and WADA (World Anti-Doping Agency) in September this year. The Fancy Bears intrusions were also caused the result of simple phishing attacks.

These are 2018's biggest hacks, leaks, and data breaches

Related stories:

Editorial standards