Japanese government official says Olympic ticket data leaked

Update: In a statement to ZDNet, a spokesperson for the Tokyo 2020 international communications team said the initial statement by a Japanese government official was incorrect.

“We are aware of the incident and, after checking the facts, we can confirm that it was not a Tokyo 2020 system leak,” the spokesperson said.

“While we are in regular contact with the government and other relevant organizations, we have already taken steps in the form of password resets to limit any damage to the very limited number of credentials detected in this case on the basis of the information provided by the government. “

Previously: A government official said Kyodo News On Wednesday, the Tokyo Olympics ticket portal login credentials and passwords were posted on a leaked website following a breach.

The official said the leak was “not significant,” but admitted that the usernames and passwords would give someone access to name, address, bank account information and more.

Speaking anonymously, the government source said the body organizing the Games had opened an investigation. The leak also included the names, addresses and bank account information of people who purchased Paralympic Games tickets as well as another portal for volunteers. They did not say how many accounts were disclosed.

Some online disputed the claims that there had been a violation. Twitter user pancak3 localized accounts for these Dark Web Marketplace registration sites and stated “that there are no posts on any of the forums showing direct information leaks.”

He then explained to ZDNet that the data was not linked to a breach but rather was the result of attacks using the RedLine malware and other information thieves. The Japanese Olympic Committee did not respond to requests for comment.

The news came a day after the FBI issued a private industry alert urging organizations working with the Tokyo 2020 Summer Olympics to prepare for a wave of “DDoS, ransomware, social engineering, phishing campaigns or insider threats to block or disrupt live broadcasts of the event, steal and possibly hack and disclose or retain sensitive hostages or impact the public or private digital infrastructures supporting the Olympic Games. ”

“Malicious activity could disrupt several functions, including media broadcast environments, reception, transit, ticketing or security,” the FBI notice said on Tuesday. “The FBI is not yet aware of any specific cyberthreats against these Olympics, but encourages its partners to remain vigilant and maintain best practices in their network and digital environments.”

The opinion goes on to refer to the Pyeongchang Cyber ​​Attack which took place during the last Olympic Games in February 2018, where Russian hackers deployed OlympicDestroyer malware and damaged web servers during the opening ceremony.

The hackers “obscured the true source of the malware by emulating code used by a North Korean group, creating the potential for misattribution,” the advisory said. In October, the Ministry of Justice indicted six Russian intelligence agents for the Pyeongchang Games attack.

In addition to widespread and more targeted harpooning campaigns against Olympic officials in Japan, the advisory also warns of potential attacks on “hotels, public transport providers, ticketing services, airport security infrastructure. events or support functions similar to the Olympics “.

The FBI added that two months ago, Japanese computer giant Fujitsu reported a breach that disclosed data from several of its government clients, including the Tokyo 2020 Organizing Committee and the Japanese Ministry of Spatial Planning, Infrastructures, Transport and Tourism.

In October, the UK issued a similar warning explicitly naming the Russian government as supporters of a broad campaign to launch attacks on the upcoming Olympic Games.

Minister of Foreign Affairs Dominic Raab Russia’s military intelligence service said, the GRU, was carrying out “cyber reconnaissance” against officials and organizations at the 2020 Olympic and Paralympic Games. He added that the GRU’s actions against the Olympic and Paralympic Games were “cynical and reckless”.

Tony Cole, CTO of Attivo Networks, said that during discussions with Olympic organizers focused on cyber defense at Rio 2016 and Tokyo 2021, some told him that even years of preparation might not be enough to protect everything.

“Well-resourced and determined adversaries will sooner or later find a way into the environment, so early detection is key to countering these attacks and mitigating possible impacts,” Cole said.

Comments are closed.