The AIS and Sport Australia are investigating a potential breach of an agency email account after it was hacked last week.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
Sport Australia officials confirmed the "unauthorised access" on Friday afternoon, but were unable to say if athletes' sensitive information had been accessed.
It's believed to be an isolated incident, but investigations were ongoing to determine if it was a targeted attack or an opportunistic hack.
News of the cyber attack follows details emerging of a breach at Parliament House earlier this year and the Australian Sports Anti-Doping Authority revealing it had been targeted by a Russian group.
The Australian Sports Commission, a federal government agency comprising of Sport Australia and the AIS, is yet to determine the source of the breach and there is no evidence to suggest it is linked to previous attacks on other Australian organisations.
But it's believed one concern was the possibility of athletes' data being breached.
Commission chief executive Kate Palmer said: "The Australian Sports Commission is currently investigating the unauthorised access of an agency email account after a staff member reported unusual activity on their account on 7 November 2019.
"The ASC took urgent action to deactivate the email account and isolate the incident. At this stage of the investigation we have determined that only one staff email account has been affected. There is no evidence to suggest that other ASC accounts or systems have been compromised.
"The investigation is being supported by the Australian Cyber Security Centre and the Department of Health IT Security team, and I thank them for their support.
"As required under the Privacy Act, the Office of the Australian Information Commissioner has also been informed of this incident.
"As the investigation is ongoing, I will make further statements as appropriate."
MORE CANBERRA SPORT
University of Canberra assistant professor in applied sports physiology Naroa Etxebarria said there was a range of information hackers could be targeting.
Records of physiological characteristics, such as VO2 max - which measures the maximum amount of oxygen an athlete can use during intense exercise - could provide information on an athlete's physical weaknesses.
Psychological reports would provide similar information about mental weaknesses.
Both could be exploited during competition.
Training programs could also be targeted, allowing competitors to find out exactly what star athletes were doing to be successful.
"The psychology behind the athlete and knowing what they think and how they think, and what their weakness is - it's a big source of information," Dr Etxebarria said.
"Then you try to push them out of their comfort zone so they're vulnerable.
"In very physiological sports, like cycling and running, knowing their physiological characteristics can be another source of information ...[that] would also be used to exploit their weaknesses.
"The more successful an athlete is the more people want to copy whatever they do.
"There might be aspects of their training that become a secret because they think that gives them a competitive advantage."
Russian hacking group Fancy Bear broke into the World Anti-Doping Association system three years ago and released information about athletes, including Australians.
There's no suggestion Fancy Bear were responsible for the ASC breach.
The records included details of Therapeutic Use Exemptions for individuals who are permitted to use substances for medical conditions even if they are banned.
Microsoft said last month its threat intelligence centre found at least 16 national anti-doping agencies and sporting bodies from three continents had been targeted by hackers this year.
Some attacks were successful, but the majority were repelled.