Sports world adapting to cyber threats
Imagine the fallout if the NHL was hacked and its star players — Sidney Crosby, Auston Matthews and Connor McDavid — had their home addresses, phone numbers and other personal information made accessible online.
It’s an all-too-familiar scenario for Canadian lacrosse player Kevin Crowley, who was among the victims of a data breach that affected Major League Lacrosse last summer, when a spreadsheet with the personal details of every player in the league and former players was mistakenly made available.
“To be completely candid, we talked about it on our team and I don’t think anyone was all that surprised that something like that could have happened,” said the 29-year-old New Westminster, B.C., native. “As lacrosse players we’re not making millions of dollars a year, but I can imagine if an NHL or NFL or NBA player got their account hacked, that’d be a much bigger deal in terms of what they could probably take out of their accounts.” Cybersecurity has become a growing concern for sports leagues and players’ associations.
Just days before the MLL hack went public last August, it was revealed the Russian cyber espionage group Fancy Bears obtained what it said was confidential medical data on soccer players who had drug exemptions for the 2010 World Cup. The group released a similar trove of documents about a year earlier that it said revealed drug test results of tennis star Serena Williams and others from the World Anti-Doping Agency. WADA confirmed it had been hacked. On Wednesday, the U.K.based cybersecurity company Darktrace announced it is providing the NHL Players’ Association with an artificial intelligencepowered service to help protect player data such as personal contacts and contract details.
“For most sporting leagues, their information in many ways is their currency,” said Darktrace spokesman David Masson. “It’s the data about their organization, how they work, how they train, how they pay, how much they receive — it’s all in there.” Stephen Frank, the NHLPA’s director of technology and security since 2012, said there were no real hacking threats when he started on the job. Now there are huge concerns around social media-linked attacks and phishing attempts. “These players are deeppocketed, high net-worth individuals of some status, so whether it’s someone trying to exploit them through ransom or someone who wants to undermine the integrity of their online social media, phishing is generally still the most visited route of a bad actor,” Frank said. There’s an important need to educate today’s young players about “proper online hygiene” and security trends, starting with a rookie orientation program, Frank said.