The Fédération Internationale de l’Automobile (FIA), the auto racing governing body since the 1950s, has confirmed that attackers gained unauthorized access to personal data after compromising several FIA email accounts in a phishing attack. The FIA data breach has raised significant concerns within the motorsport community and beyond, as the organization manages sensitive information related to its various operations and members.
In an official statement, the FIA revealed the extent of the breach: “Recent incidents pursuant to phishing attacks has led to the unauthorized access to personal data contained in two email accounts belonging to the FIA.” The organization has acknowledged the seriousness of the incident and has taken immediate action to mitigate the impact.
FIA Data Breach: Immediate Response and Regulatory Notification
Upon discovering the breach, the FIA acted swiftly to rectify the issues, notably cutting off illegitimate accesses in a very short time. The organization notified relevant regulatory bodies, including the Commission Nationale de l’Informatique et des Libertés (the French data protection regulator) and the Préposé Fédéral à la Protection des Données et à la Transparence (the Swiss data protection regulator).
“The FIA took all actions to rectify the issues, notably in cutting the illegitimate accesses in a very short time, once it became aware of the incidents and notified the Commission Nationale de l’Informatique et des Libertés (the French data protection regulator), and the Préposé Fédéral à la Protection des Données et à la Transparence (the Swiss data protection regulator),” reads the official statement.
The FIA has expressed regret for any concern caused to the affected individuals and emphasized its dedication to data protection. “We take our data protection and information security obligations very seriously and continuously review our systems to ensure they are robust, in the context of evolving cyber-criminality. The FIA has put additional security measures in place to protect against any future attacks.,” the FIA stated.
The organization has implemented additional security measures to protect against future attacks and is committed to ongoing improvements in its cybersecurity posture.
FIA’s Legacy and Role
Founded in 1904 as the Association Internationale des Automobile Clubs Reconnus (AIACR), the FIA is a non-profit international association that coordinates numerous auto racing championships, including the prestigious Formula 1 and the World Rally Championship (WRC). The FIA brings together 242 member organizations from 147 countries across five continents and controls the FIA Foundation, which promotes and funds road safety research.
Despite the swift response, the FIA has yet to disclose critical details about the cyberattack on FIA, including when it was detected, how many individuals’ personal information was accessed, and what specific data was exposed or stolen. This lack of information has left many stakeholders eager for further updates to understand the full scope and potential implications of the incident.
The Cyber Express has reached out to an FIA spokesperson with additional questions about the incident. However, a response was not immediately available. The Cyber Express will continue to monitor the situation and provide updates as more information becomes available.
In the meantime, organizations across all sectors are urged to review and strengthen their cybersecurity protocols to safeguard against similar threats.