User IDs and passwords stored in the Tokyo Olympics ticket portal were accessed by hackers who then posted the data on a dark web forum, Kyodo News quoted a government official as saying on Wednesday. The official told Kyodo that the breach could have allowed hackers to obtain the names, addresses and bank account information of ticket bookers. According to Kyodo's sources, hackers used RedLine malware and other information thieves to steal data records. The circulation of account information is said to be "not large," and the Tokyo Organizing Committee is conducting further investigations into the matter.
The government official added that the Tokyo Olympics organizers are currently investigating the data breach. However, the Tokyo 2020 international communications team has completely refuted the report. In a statement to ZDNet, a spokesperson for the team said, "We are aware of the incident and after checking the facts, we can confirm that this is not a leak of the Tokyo 2020 system. "
He added: "While we have been in regular contact with the government and other relevant organizations, we have taken steps in the form of password resets to limit any damage to the very limited number of IDs detected in this case, based on information provided by the government. "
According to the official's statement, it is now clear that certain user IDs and passwords were definitely exposed to malicious actors and could have been misused, but the breach did not involve a breach of systems operated by Tokyo 2020 organizers.
"Any data breach is a big problem for the affected organizations. Not only is their reputation at risk, but they also need to find out what happened, who was affected and notify them so they can avoid further problems." Boris Cipot, senior security engineer at Synopsys Software Integrity Group, said.
"It is well known that login data, such as user IDs and passwords, has been compromised. While this data itself may not be considered critical, it can create problems if an attacker uses it in combination to access a user's account. In this case, the exposed data extends to usernames, passwords, financial data, etc. "
"These types of credentials are often used to trick users into obtaining more data through targeted or general phishing attacks. Targeted attacks are possible because of the presence of officials among the ticket holders. "
"Olympic ticket holders are advised to change their passwords on all other platforms they use, especially if they reuse the same password on multiple accounts." He added, "Another recommendation is to avoid clicking on links in emails, filling out forms or opening attachments, especially from unknown or untrusted sources."