FIA faces consequences of cyberattack
The FIA is dealing with the aftermath of a hacker attack that targeted its computer systems last June. Months later, the Federation has published the results of its investigation, highlighting a serious vulnerability in the system.
The FIA confirmed the breach and announced that immediate measures were taken to protect the sensitive data of its drivers.
How the attack occurred
According to the report published on the Federation’s website, hackers gained access by creating a personal account and exploiting firewall weaknesses to obtain administrator privileges. This allowed them to access personal information for any Formula 1 driver simply by searching their name.
Through internal testing, Ian Carroll, a security researcher, noted that “it was possible to access potential sensitive data, including passports, driver licenses, and passwords linked to Max Verstappen. This information was accessible for all F1 drivers via categorization, along with sensitive internal FIA operations data. We did not access any passports or sensitive information, and all data was deleted.”
FIA response and measures
The Formula 1 governing body addressed the hack in a statement to RaceFans. The document states that after reporting the issue to the relevant authorities, the FIA implemented all necessary measures to protect sensitive data. The Federation also disclosed the number of drivers affected by the breach.
Researchers report that the FIA took the website offline on June 3, the same day the hacker attack was detected.
The FIA asserts it has “invested heavily in cybersecurity measures and resilience across its digital assets.” In addition, the Federation has “implemented world-class data security measures to protect all stakeholders and enforce a security-by-design policy in all new digital initiatives.”
Leave a Reply