Bradley Wiggins and Chris Froome among athletes named in new attack by Russian hackers

Sign up to our free sport newsletter for all the latest news on everything from cycling to boxing

Sign up to our free sport email for all the latest news

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

Five British Olympic sports stars have seen their confidential health records leaked online by hackers, the World Anti-Doping Agency (Wada) has confirmed.

They include British cyclists Sir Bradley Wiggins, who won gold in Rio, and Chris Froome, a three-time champion of the Tour de France.

The watchdog said the “criminal attack” by a Russia-based cyber-espionage group had released a second tranche of documents, including details of American and German athletes.

Wada first fell victim to the hackers on Tuesday when medical records relating to “therapeutic use exemptions” granted to certain athletes were made public.

The body confirmed on Thursday that another leak of “confidential athlete data” had taken place.

According to BBC News, the leak showed Wiggins was allowed to take two banned substances, including a drug for a pollen allergy, during competitions between 2008 and 2013.

Froome was granted permission to take the banned steroid prednisolone from 2013 to 2014. Media reports from the time said he was given the steroid-based drug to treat a chill.

There is no suggestion the athletes are involved in any wrongdoing. Wiggins has yet to comment publicly on the Wada hack.

In a statement, Froome said: “I’ve openly discussed my TUEs [therapeutic use exemptions] with the media and have no issues with the leak which only confirms my statements.

“In nine years as a professional I’ve twice required a TUE for exacerbated asthma, the last time was in 2014.”

The other British athletes whose records have been leaked are golfer Charley Hull, rugby sevens player Heather Fisher and rower Sam Townsend.

Wada’s statement on the new release read: “Fancy Bear [aka Tsar Team (APT28)] have leaked another batch of confidential athlete data from Wada’s Anti-Doping Administration and Management System (ADAMS).

“Similar to the leak that the Agency announced on 13 September, this time the group released the confidential athlete data of 25 athletes, from eight countries, into the public domain.

“The targeted athletes include 10 from the United States, five from Germany, five from Great Britain, one from the Czech Republic, one from Denmark, one from Poland, one from Romania, and one from Russia.”

The organisation revealed that hackers had illegally gained access to its anti-doping administration and management system database via an International Olympic Committee-created account for the Rio Games.

Wada director general Olivier Niggli said: “Wada is very mindful that this criminal attack, which to date has recklessly exposed personal data of 29 athletes, will be very distressing for the athletes targeted and cause apprehension for all athletes that were involved in the Rio 2016 Olympic Games.

“To those athletes that have been impacted, we regret that criminals have attempted to smear your reputations in this way and assure you that we are receiving intelligence and advice from the highest level law enforcement and IT security agencies that we are putting into action.

“Given this intelligence and advice, Wada has no doubt that these ongoing attacks are being carried out in retaliation against the Agency, and the global anti-doping system, because of our independent [Dick] Pound and [Richard] McLaren investigations that exposed state-sponsored doping in Russia.

“We condemn this criminal activity and have asked the Russian government to do everything in their power to make it stop.

“Continued cyber-attacks emanating from Russia seriously undermine the work that is being carried out to rebuild a compliant anti-doping programme in Russia.

“We still believe access to ADAMS was obtained through spear phishing of email accounts, whereby ADAMS passwords were obtained enabling access to ADAMS account information confined to the Rio 2016 Games.

“We have no reason to believe that other ADAMS data has been compromised.”

Additional reporting by agencies