F1 confirms “foo” message sent on official app was the result of a hack

2021 Austrian Grand Prix

Posted on

| Written by

Formula 1 has confirmed its official app was subjected to a “targeted attack” yesterday which led to fans receiving unexpected notifications containing the text “foo”.

A further message sent to users of the official Formula 1 app on Saturday read: “Hmmmm, I should check my security.. :)”

In a statement F1 confirmed its systems had been compromised and it has begun an immediate review of its services.

“Formula 1 became aware of an incident where the F1 App Push Notification Service had been compromised,” it stated.

“We immediately took actions to suspend and secure the service and review the security procedures in place.”

F1 does not believe any of its users’ data was leaked in the hack.

“Our investigation confirms that this targeted attack was limited to the Push Notifications Service. We will continue to investigate, review and improve safety measures but, at this time, have no reason to believe that any customer data has been accessed during this incident.”

The official Formula 1 app has been downloaded by over five million users on the Google Play Store.

Don't miss anything new from RaceFans

Follow RaceFans on social media:

Advert | Become a RaceFans supporter and go ad-free

2021 Austrian Grand Prix

Browse all 2021 Austrian Grand Prix articles

Author information

Keith Collantine
Lifelong motor sport fan Keith set up RaceFans in 2005 - when it was originally called F1 Fanatic. Having previously worked as a motoring...

Got a potential story, tip or enquiry? Find out more about RaceFans and contact us here.

18 comments on “F1 confirms “foo” message sent on official app was the result of a hack”

  1. Well a responsible hacker in action. Just enough to stir things up but not doing any damage, apart from the it depts ego.

    1. Or someone within the company(currently employed or former) not too happy with treatment.

  2. Weird story. ‘foo’ is a common placeholder word used by programmers, just like ‘bar’ and ‘foobar’. You’d think that a hacker would post something more scandalous.

    My bet is on an error in some software that automatically posts tweets, not a hacker.

    1. @aapje
      I see your point but F1 said that it is targeted attack. We’ve seen before what you’ve talked about when “LastName” was displayed in the live TV when showing the gap between the drivers instead of their real last names.

    2. @aapje I think this is likely suggestive of a less malicious attack. If that is indeed the source of ‘foo’ in this instance, I expect this may be a ‘white-hat’ hacker who is trying to find security exploits with a relatively harmless attack and notify F1 before anyone with a malicious intent does.

      1. @randommallard It also feels a little bit like the hacker wasn’t sure if the hack would work.

        @aapje as a programmer, it is indeed my default string to use when testing/checking something. Is this function even firing? Log “foo” to the console and see. Testing an array? `[“foo”, “bar”, “baz”]. Probably worth noting that hackers often are programmers; and many aren’t actually malicious. They do it for fun.

    3. If you thoroughly read the article, you’d see “foo” was not the only notification that was sent out.

  3. The hackers missed a trick, “Bwoa” was surely what they should has said…

    1. Ahah, yes, should’ve done it!

  4. I was hoping they’d get in an improve the live timing

  5. Foo……..

    k smash

  6. May I suggest another 5s FIA penalty for that hacker?

Leave a Reply

Your email address will not be published. Required fields are marked *

All comments are moderated. See the Comment Policy and FAQ for more.
If the person you're replying to is a registered user you can notify them of your reply using '@username'.