Photo/Illutration Leaked data on IDs and passwords for users to log into the official website for the Tokyo Olympics. Part of the image is modified. (Provided by Dark Tracer)

Data believed to be IDs and passwords for ticket buyers and volunteers to log into official websites for the Tokyo Olympic and Paralympic Games have been leaked to the internet, according to a Singapore-based cybersecurity firm.

The firm, Dark Tracer, also said on July 21 what appeared to be classified documents associated with the Olympic Games were also posted online.

The Tokyo 2020 organizing committee said on the night of July 21 it is investigating if the breach occurred after data was provided to the Japanese government by the firm in mid-July.

Louis Hur, CEO of Dark Tracer, said the company has confirmed the leak of email addresses and passwords for people who created accounts to log into the official websites for the Games since September.

“The leak could total in the hundreds,” he said.

The email addresses and passwords were stolen when ticket purchasers and volunteers typed them in on phishing sites by mistake, and not in a cyberattack, according to Hur.

He also said classified documents purported to be released on the dark web by hackers could be related to the Olympics although they were encrypted.

The leak also includes what appeared to be a list of individuals who tested positive for COVID-19 among Olympic delegations and documents as to what extent information should be disclosed when athletes, organizing officials and members of the media are confirmed infected with the coronavirus.

Related News