British Cycling riders’ data security breached
Exclusive: a data breach at the English Institute of Sport affected cyclists among athletes from other sports
The organisation which holds medical records and performance data on British Cycling funded athletes has been affected by a security breach, Cycling Weekly has learnt.
The English Institute of Sport (EIS) has sent communications to all cyclists concerned, though it is still in the process of informing athletes from other sports.
The EIS is the country's largest provider of sports science, medicine and technology.
The Manchester based operation holds athletes' medical data, performance data and data from physiological testing.
The EIS has confirmed to Cycling Weekly that the security breach in question affected emails only, and was not linked to the centralised data containing medical records and information such as Therapeutic Use Exemption (TUE) grants.
A full investigation has been completed and the EIS have said that security has now been restored.
A spokesperson from the EIS said: “We can confirm there has been an email security incident at the EIS.
Get The Leadout Newsletter
The latest race content, interviews, features, reviews and expert buying guides, direct to your inbox!
“A full investigation has been underway, and we are now in the process of working with sports to notify those affected in an appropriate manner. Until this process is complete, it would be inappropriate to comment further.
“For the avoidance of doubt, we can confirm that no clear source or cause of the incident was identified by external cyber security experts appointed to investigate, and that the EIS’s medical data system (PDMS) was not targeted or affected by this incident.”
British Cycling performance director Stephen Park said: “Following a data breach at the English Institute of Sport, we have communicated with all of our riders.
"We are satisfied that the data from this breach does not represent a significant risk to their privacy and additional support has been offered to everyone who has been directly affected. I would like to thank our colleagues at the EIS for their help throughout this process.”
In 2016, the World Anti Doping Agency (WADA) was hacked by the Fancy Bears Group, who revealed athletes' confidential medical information including Therapeutic Use Exemptions granted to the likes of Bradley Wiggins and Chris Froome.
This included the use of asthma medication Salbutamol and the corticoid Triamcinolone Acetonide.
The Fancy Bears gained access to the Anti-Doping Administration and Management System [ADAMS] that was created for the Rio 2016 Olympic games. In response, WADA deactivated the Rio 2016 ADAMS account, disabled the 'forgot password' feature and increased its security as well as deactivating dormant accounts.
Thank you for reading 20 articles this month* Join now for unlimited access
Enjoy your first month for just £1 / $1 / €1
*Read 5 free articles per month without a subscription
Join now for unlimited access
Try first month for just £1 / $1 / €1
Michelle Arthurs-Brennan the Editor of Cycling Weekly website. An NCTJ qualified traditional journalist by trade, Michelle began her career working for local newspapers. She's worked within the cycling industry since 2012, and joined the Cycling Weekly team in 2017, having previously been Editor at Total Women's Cycling. Prior to welcoming her daughter in 2022, Michelle raced on the road, track, and in time trials, and still rides as much as she can - albeit a fair proportion indoors, for now.
-
I've received some terrible cycling-themed Christmas presents over the years - and I treasure them all
Each bike-patterned gift is a reminder that we cyclists stand for something
By Tom Davidson Published
-
'I want to have success as an elite, not just as a junior' - Cat Ferguson on winning four world titles and starting her pro career
The 18-year-old, Cycling Weekly's Female Rider of the Year for 2024, tells Tom Davidson about her ‘perfect season’
By Tom Davidson Published