World Anti-Doping Agency Site Hacked; Thousands of Accounts Leaked

Anonymous Poland hacked World Anti-Doping Agency and Court of Arbitration for Sport’s servers’ server and leaked personal details for God knows what reason!

A Twitter account claiming affiliation with Anonymous Poland hacktivist group recently contacted HackRead with a data file stolen from the World Anti-Doping Agency and Court of Arbitration for Sport’s servers (WADA-CAS).

The hacker behind this breach did not state any reason or motive but looking at their Twitter handle it is obvious that they have been targeting random platforms. 

In order to get a better understanding about the leaked files we contacted online data mining company Hacked-DB, here’s what was found: 

The total size of leaked folder is 412MB which contains 3,121 unique email accounts along with their passwords that are hashed with old MD5 encryption that can be decrypt within seconds. In addition, there are names personal details of site’s authors and contributors detected in the database file. The attack was executed by SQL injection flaw with SQLMap SQL Injection Automation Tool, according to Hacked-DB’s analysis.

List of most used email domains:

world-anti-doping-agency-site-hacked-thousands-of-accounts-leaked-2

world-anti-doping-agency-site-hacked-thousands-of-accounts-leaked-3
Authors and contributors details along with hashed passwords
Related: Cyber Criminals Using Rio Olympics as Bait to Target Users with Phishing Scams

Maggie Durand of WADA-CAS has acknowledged the hack but claimed that WADA’s ADAMS database of doping results “has not been compromised,” but that so-called phishing emails were sent to users of the database disguised as official WADA communications requesting their login details.

WADA was recently criticized by Russian government after an independent investigation confirmed Russian state manipulation of the doping control process yet none of the Russian hackers claimed any responsibility for this attack, however, targeting anti-doping agency when Rio Olympics are at their peak says a lot about this attack.

Video uploaded by the hacker showing how he hacked WADA’s server!

More:  New Security Checkup Tested by Facebook for Optimal Security of your Account
Related: Internet Minefield: Beware of fake WiFi spots in Rio stealing user data

The CAS (Court of Arbitration for Sport) is an independent institution, based in Lausanne, involved in resolving legal disputes in the field of the sport through arbitration and mediation. The CAS jurisdiction is recognized by all Olympic sports federations and many non-Olympic federations. The CAS registers more than 400 cases each year.

Written by Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.