FIA has confirmed that a group of three hackers breached into their databases and found personal information from drivers like Max Verstappen, Lando Norris, Fernando Alonso, and Nico Hulkenberg. Among the things they found was Verstappen's passport, personal contact information, and license documents, as well as internal communications and private evaluations and "decision-making processes" from FIA.
Thankfully, they did not have malicious intents. In fact, the hacker group are called themselves "ethical hackers" and "bug bounty hunters", with the intention of exposing weaknesses and helping companies to improve their cybersecurity. In fact, they say they are F1 fans.
<social>https://x.com/galnagli/status/1981059382080323634</social>
Gal explained how they did it on an X thread. They stopped digging after seeing how easy it was to access confidential documentation and personal information of the F1 drivers, saying that they did not access any sensitive information and didn't keep anything they found. It only took them ten minutes to access to FIA's portals using an HTTP PUT request to make themselves look like admins.