Max Verstappen 'targeted' in shock FIA data 'hack'

The personal details of four-time F1 champion Max Verstappen have been revealed as previously being temporarily available to social media users who were able to 'hack' into the FIA's driver database.

The alleged security breach has uncovered a potential flaw in the digital software used by F1's governing body, with hackers claiming to have exposed an alleged vulnerability within the system ahead of this weekend's F1 Mexican Grand Prix.

On Wednesday, social media user @‌galnagli posted to X: “We found a way to access Max Verstappen's passport, driver's license, and personal information. Along with every other Formula 1 driver's sensitive data. It took us 10 minutes using one simple security flaw.”

Underneath the original post, further details were revealed, with the account's owner adding: “Together with @‌samwcyo and @‌iangcarroll all three of us being avid Formula1 Fans, we were looking at the security of the whole ecosystem. That's how we stumbled upon a severe vulnerability in a critical portal managed by the @‌fia , that was reported and fixed in <24 hours.”

Extensive details of how the trio allegedly managed to gain temporary access to such details were laid out in the 'X' thread, along with an image which appeared to show proof they had found a way in to view the Red Bull star's CV, FIA super licence and passport.

The social media thread claimed the trio did not download any of the personal information, instead reporting the flaw to the FIA, with the accounts they made to access the information swiftly deleted.

Have the FIA responded to alleged data breach?

When approached by GPFans for comment, an FIA spokesperson said: "The FIA became aware of a cyber incident involving the FIA Driver Categorisation website over the summer. Immediate steps were taken to secure drivers’ data, and the FIA reported this issue to the applicable data protection authorities in accordance with the FIA’s obligations. It has also notified the small number of drivers impacted by this issue. No other FIA digital platforms were impacted in this incident.

"The FIA has invested extensively in cyber security and resilience measures across its digital estate. It has put world-class data security measures in place to protect all its stakeholders and implements a policy of security-by-design in all new digital initiatives."

The FIA are the governing body for F1 and a number of high profile motorsport series, including single-seater support series' such as F2 and F3, as well as other disciplines such as the World Endurance Championship (WEC) and the World Rally Championship (WRC).

In their capacity as the overarching body for many motorsport disciplines, the FIA naturally has the responsibility of managing the private personal data of thousands of competitors across multiple racing series.

F1 HEADLINES: Driver exit confirmed as Norris replaced at Mexican GP

READ MORE: F1 debut confirmed as Lance Stroll sits out for Aston Martin at Mexican GP

READ MORE: McLaren 'nervous' as Piastri and Norris ‘problem’ arises

READ MORE: Alpine announce F1 driver replacement ahead of Mexican GP

Related