Sebastian Coe has apologised after the IAAF confirmed it had fallen victim to a hack from the 'Fancy Bear' cyber-espionage group which may have compromised athletes' Therapeutic Use Exemption (TUE) applications.
The same group has previously targeted the World Anti-Doping Agency, which led to the private medical data of major sports stars being released into the public domain, including the Williams sisters, Simone Biles, Chris Froome and Bradley Wiggins.
There was no evidence of any wrongdoing by the sportspeople involved, with the hackers having disclosed instances where TUEs have been granted, enabling competitors to use medications for legitimate reasons.
On Monday the IAAF - athletics' international governing body - released a statement to say it had now suffered a "cyber attack" which was discovered following a "proactive investigation" by an online security firm contacted by the body in January.
The statement read: "The presence of unauthorised remote access to the IAAF network by the attackers was noted on 21 February where meta data on athlete TUEs was collected from a file server and stored in a newly created file.
"It is not known if this information was subsequently stolen from the network, but it does give a strong indication of the attackers' interest and intent, and shows they had access and means to obtain content from this file at will."
IAAF president Coe said: "Our first priority is to the athletes who have provided the IAAF with information that they believed would be secure and confidential.
"They have our sincerest apologies and our total commitment to continue to do everything in our power to remedy the situation and work with the world's best organisations to create as safe an environment as we can."
The governing body said that all athletes who have applied for TUEs since 2012 had been contacted.