Hackers have uncovered a flaw within the FIA web site containing private information of drivers together with Formulation 1 world champion Max Verstappen.
F1’s governing physique, the FIA, acknowledged {that a} safety breach involving delicate private info of drivers, together with Verstappen, occurred over the summer season, however stated steps had been taken to guard the information.
The FIA has additionally reported this matter to the related information safety authorities.
The cyber hack was reported by safety researcher Ian Carroll on Wednesday. Carroll defined that he and two colleagues had entry to delicate info inside the FIA’s driver classification portal, together with passport numbers and private contact particulars.
The trio stated that after their request to grow to be an administrator of the portal was accepted, they had been capable of view the non-public information of all drivers contained inside the system. This gave them entry to Verstappen’s resume, superlicense, passport, and different vital private information.
They stated they didn’t maintain any info and instantly reported their findings to the FIA.
“We canceled the check after discovering that we had entry to Max Verstappen’s passport, resume, driver’s license, password hashes, and PII (Personally Identifiable Data),” Carroll wrote.
“This information, together with confidential info for FIA inner operations, was accessible to all categorized F1 drivers. We didn’t have entry to any passports (or) confidential info and all information was deleted.”
FIA responds with assertion
The FIA responded to the cyber incident in an announcement revealed on Crash.internet.
“The FIA turned conscious of a cyber incident involving the FIA driver classification web site in the course of the summer season,” an FIA spokesperson stated.
“Fast motion was taken to guard driver information and the FIA has reported this matter to the suitable information safety authority in accordance with its obligations.
“We now have additionally notified a small variety of drivers affected by this situation. No different FIA digital platforms had been affected by this incident.
“FIA has made in depth investments in cybersecurity and resilience measures throughout its digital belongings. FIA has carried out world-class information safety measures to guard all stakeholders and implements security-by-design insurance policies in all new digital initiatives.”
