Formula 1 governing body discloses data breach after email hacks


FIA (Fédération Internationale de l’Automobile), the auto racing governing body since the 1950s, says attackers gained access to personal data after compromising several FIA email accounts in a phishing attack.

Founded in 1904 as the Association Internationale des Automobile Clubs Reconnus (AIACR), FIA is a non-profit international association that coordinates many auto racing championships, including Formula 1 and the World Rally Championship (WRC).

It also brings together 242 member organizations from 147 countries across five continents and controls the FIA Foundation, which promotes and funds road safety research.

“Recent incidents pursuant to phishing attacks has led to the unauthorised access to personal data contained in two email accounts belonging to the FIA,” the organization said on Wednesday.

“The FIA took all actions to rectify the issues, notably in cutting the illegitimate accesses in a very short time, once it became aware of the incidents.”

FIA says it notified the Préposé Fédéral à la Protection des Données et à la Transparence (the Swiss data protection regulator) and the Commission Nationale de l’Informatique et des Libertés (the French data protection regulator) of the incident.

The F1 governing body has also taken additional security measures to block similar attacks in the future and said it “regrets any concern caused to the affected individuals.”

“We take our data protection and information security obligations very seriously and continuously review our systems to ensure they are robust, in the context of evolving cyber-criminality,” FIA added.

The organization has yet to disclose when the breach was detected, how many individuals’ personal information was accessed, and what sensitive data was exposed or stolen in the incident.

BleepingComputer contacted an FIA spokesperson with additional questions about the incident, but a response was not immediately available.



Source link