IAAF

The governing body of global athletics (IAAF) suffered a cyber attack that compromised information about athletes’ medical records.

The information on athletics' requests for Therapeutic Use Exemptions was the focus of the breach.

Data about athlete TUEs was "gathered from a file server and saved on a newly formed file."

TUEs are authorizations granted by national anti-doping organizations and sports federations to athletes to use specific drugs that are prohibited for legitimate medical reasons.

Source: https://www.reuters.com/article/us-sport-doping-iaaf-idUSKBN1750ZM

"id": "IAA21314822",
"linkid": "iaafauto",
"type": "Breach",
"date": "04/2017",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"