A Japanese government official has confirmed that the Tokyo 2020 Olympics were hit by a substantial data breach. This breach has revealed ticket holders' login information, which can be used to access the website and find data like addresses, names, and even bank details.
This breach was not limited to just the Olympics. The breach was targeted at Fujitsu, a large Japanese tech company that supplies technology to Japan's government, and some of the victims of the attack include the Tokyo Olympics Organising Committee, and the Japanese Ministry of Land, Infrastructure, Transport, and Tourism.
No official wording has been released by the International Olympic Committee or the Japanese government beyond confirmation of the hack.
What Happened With the Olympic Hack?
The Olympic games have been dealing with hackers for a while, as they experienced numerous attacks during the 2016 and 2012 Olympics, with many athletes also receiving phishing emails. Their database would be a treasure trove of information for anyone able to break in, so many hackers view it as being worth the effort.
In this case, hackers gained access into the Olympic database, gaining multiple log-ins. These log-ins would provide hackers with various Olympic ticket holders' sensitive information. Japan claims that the attacks weren't particularly substantial and that they're making sure these same methods won't be effective in the future.
The FBI itself has been cautious of cyber attacks during the Olympics, warning host countries to be especially wary of maintaining strict security over any facet of their systems that is susceptible to cyber attacks.
“Malicious activity could disrupt multiple functions, including media broadcasting environments, hospitality, transit, ticketing, or security,” said the FBI in a statement.
While there hasn't been a confirmed list of victims of the hack, if you're connected to the Olympics in any way, it's worth keeping an eye on your email or bank account.
What Can Hackers Do With This Information?
So what is the real problem with hackers obtaining this information? After all, on paper, someone having your name and address isn't the worst thing in the world, even if it is a bit disconcerting.
However, the hackers did have access to bank details, which is obviously a big red flag. Even if they didn't manage to get every card detail, a hacker having even partial bank details is not something anyone wants.
But even when hackers obtain more innocuous information, like phone numbers and email addresses, this can lead to some issues. They can sell this information in bundles to spammers and scammers, meaning if they obtained your email address in this cyber heist, you may receive waves of annoying emails or calls from people trying to sell you things, or pretending to be your bank.
How to Prevent Being a Victim of a Hack
While safeguarding against attacks such as this can be out of the individuals hands, since it was a failure of the IOC and Japanese government, there are still steps that someone can and should take in order to ensure that their devices and information are safe.
For example, installing a VPN on your device is a great way to protect it, as it encrypts your information and makes it a lot harder for prying eyes to witness any online activity you may be up to.
Another good idea is a password manager. Not only do these remove the the headache of actually remembering multiple passwords, but some will even alert you if your password is compromised.
Two-factor authentication is also an important step when protecting your data, as it makes sure that any log-ins to your email or bank account require a code that is sent to your phone to validate that it's you logging in.