The Fédération Internationale de Football Association, aka FIFA, is a governing body of association football, futsal, and beach soccer.
FIFA reveals it was the victim of a new successful phishing campaign that resulted in the exposed confidential information of the organizations.
The FIFA hack occurred in March, according to the experts it is not related to the previous one that was carried out by the Russia-linked APT group Fancy Bears.
In August 2017, Fancy Bears hackers claimed that around 160 football players failed drug tests in 2015, and 25 2010 World Cup players used doping medicines.
This second hack was discovered by Football Leaks after it has received a new collection of internal documents. Football Leaks is the same organization that published documents obtained in the first hack.
“UEFA officials were targeted in a so-called phishing operation in which third parties fool their targets into giving up password-protected login details, though the organization has been unable to find traces of a hack in its computer systems.” states The New York Times.
“FIFA officials discussed the prospect of a new hack, and more uncomfortable revelations in the news media, on the edges of the FIFA Council meeting last week in Kigali, Rwanda.”
FIFA released the following statement after the announcement of the hack:
“Fifa condemns any attempts to compromise the confidentiality, integrity and availability of data in any organization using unlawful practices.”
The documents were first obtained by the German newsweekly Der Spiegel that shared them with an investigative reporting consortium known as European Investigative Collaborations (EIC).
European Investigative Collaborations announced it will begin publishing the information as soon as tomorrow.
(Security Affairs – hacking, data breach)