Russian whistleblower Yuliya Stepanova has had an anti-doping account containing personal information hacked, WADA confirmed on Saturday.
WADA's Anti-Doping Administration and Management System (ADAMS) is used to store information on athlete whereabouts, as well as for accredited laboratories to submit test results to the relevant authorities.
Stepanova's evidence was key to WADA's Independent Pound Report Commission that exposed widespread doping in Russian athletics, but the global body says access to the middle-distance runner's ADAMS account has been "illegally obtained".
"Earlier this week, WADA was made aware of an alleged hack of its website and to phishing scams," read a WADA statement.
"Regarding the latter, the Agency confirmed that some users had received illegitimate e-mails that look as though they come from WADA, which ask users to click on a link and enter their personal credentials.
"WADA quickly investigated and immediately sent an e-mail to all ADAMS users, including a warning banner on the ADAMS home page, alerting them to these e-mails, which WADA would never send, and asking them to advise ADAMS support immediately if they were to receive such an e-mail.
"We continue monitoring the situation to determine whether or not users have acted (or act) on these e-mails to ensure that data remains secure.
"Unfortunately, like many organisations, WADA is not immune to attempted cyber-attacks. Stakeholders can rest assured that the Agency takes IT security and data privacy very seriously; accordingly, as a matter of course, we monitor all our systems on a continuous basis and adjust as necessary in line with the best of IT security practices. It should also be noted that WADA is in contact with the relevant law enforcement authorities."
WADA added that Stepanova's account had been locked as a result of the breach and that no other athlete accounts had been accessed.