The medical files of several top U.S. Olympic athletes were posted online Tuesday by a notorious Russian hacking group that was attempting to show other nation’s “tainted victories” at the Rio games in August.
The World Anti-Doping Agency confirmed the hack in a statement, noting the theft of confidential medical data which showed Therapeutic Use Exemptions – an official approval for athletes with certain medical conditions to use drugs that are typically banned by WADA.
The TUE’s of gymnast Simone Biles, tennis stars Serena and Venus Williams and women’s basketball forward Elena Delle Donne were disclosed in the hack. None of the quartet has been suspended for taking a banned substance and each of the athletes had TUE’s for the substances they tested positive for.
“Simone has filed the proper paperwork per USADA and WADA requirements, and there is no violation,” Steve Penny, president of USA Gymnastics, said in a statement.
Biles later tweeted that she's had ADHD since she was a child and has taken prescribed medication for it.
"Please know, I believe in clean sport, have always followed the rules, and will continue to do so as fair play is critical to sport and is very important to me," she said.
Having ADHD, and taking medicine for it is nothing to be ashamed of nothing that I'm afraid to let people know.— Simone Biles (@Simone_Biles) September 13, 2016
Delle Donne tweeted a picture of herself after undergoing thumb surgery and sarcastically thanked the hackers for "making the world aware that I legally take a prescription for a condition I've been diagnosed with, which WADA granted me an exemption for. Thanks, guys!"
Quick update! pic.twitter.com/5tuZNIpVLC— Elena Delle Donne (@De11eDonne) September 13, 2016
But those statements did little to mollify Fancy Bears, the same Russian group suspected of hacking Democratic National Committee files in July.
“The Rio Olympic medalists regularly used illicit strong drugs justified by certificates of approval for therapeutic use,” Fancy Bears wrote on its website. “In other words they just got their licenses for doping.”
WADA said the hack occurred through the “spear phishing of email accounts.” In such an attack, a phony email is sent purporting to be from an individual or company that is known to and trusted by the intended target.
WADA had previously been hacked in early August when a whistleblower that helped blow the lid on systemic Russian doping had her password illegally obtained.
Dozens of Russian athletes were banned from competing at Rio after a July report showed state-sponsored doping in numerous sports.
“WADA deeply regrets this situation and is very conscious of the threat that it represents to athletes whose confidential information has been divulged through this criminal act,” WADA Director General Olivier Niggli said in a statement.