Information security advice for Team Sky following Chris Froome 'data breach'

Cycling's Team Sky has called in lawyers to investigate the possible theft of performance data for team leader Chris Froome.

Maurice Garin, winner of the first Tour de France standing on the right, 1903
Maurice Garin, winner of the first Tour de France standing on the right, 1903

Sir Dave Brailsford, Team Sky principal, believes attackers broke into the team's computers and stole Froome's performance data so they could analyse it for signs of doping. He revealed his concerns on Monday, the Tour de France's first rest day.

Froome has been dogged by rumours of doping since his winning ride in the 2013 Tour. Team Sky is famously reticent to release performance data but at the time took the unusual step of releasing his performance data going back to 2011 to refute the allegations.

On Monday, a video was posted on YouTube which claimed to show Froome's ride on Mont Ventoux during the 2013 Tour, overlaid with physiological data. The video was later removed but it didn't stop some people who had seen the video to take to Twitter to offer their armchair analysis of the data.

Froome and Team Sky have always insisted they compete clean and that Froome's performance is possible without the use of performance-enhancing drugs.

No additional information was available regarding the hack such as who might have been behind it or how it was executed. The alleged hack  is seen as part of a growing trend in attacks against the sports industry.

Bryan Lillie, chief technical officer, cyber-security, QinetiQ said no one is immune from hacking. “It's not just banks and governments – we all need to treat security seriously,” he said. “IoT, which includes many devices which monitor and collect personal information, creates huge amounts of valuable data which represents a new target for hackers, blackmailers, competitors and critics. The more that data becomes critical to your operation, the more seriously you need to take it. Sports teams may not seem like the traditional target of hackers, but if you have valuable data, you will be a target for someone.”

Wieland Alge, vice president and general manager of EMEA at Barracuda Networks said the hack was not surprising given the increasing number of hacks in the sports industry overall. “Consultancy firm PwC predicted that the global sports market is set to be worth £93 billion by the end of 2015. This growth is making clubs and organisations in the sector lucrative targets for hackers,” he said. “Sports teams, just like businesses, need to recognise that they are at risk of an attack. It is imperative that they set dedicated budget aside to address cyber-security.”

He added: “The sports-related industry makes a living from a tight and open relationship with fans and this inevitably makes them vulnerable to all kinds of social attacks. It turns out that such organisations often need a higher level of security built into their infrastructure than some traditional businesses like banks. This is one of the paradoxes that emerged with the increased intensity of digital interaction.”

Page 1 of 2