Adidas posted an official notice on its German and English websites, stating that “an unauthorized external party obtained certain consumer data” via a third-party customer service partner. The notice did not name the vendor or specify the number of customers affected.
Data Breach in Turkey and Korea First Reported
Earlier this month, Adidas had sent notifications to customers in Turkey and South Korea, according to reports from Cybernews. The incident initially appeared limited to those regions. However, the company’s recent public statement suggests the breach may be broader and could involve its global network.
Cybernews, which first reported the breaches in both countries, has tried twice this month to get clarification from Adidas but has not yet received a response.
What Data Was Exposed?
The breach involves names, email addresses, phone numbers, dates of birth, and other personal details of customers who had contacted Adidas customer support. However, no payment data, passwords, or credit card information was exposed, the company assured.
Adidas said it is currently informing affected consumers, but didn’t clarify which regions outside of Turkey and Korea may have been impacted.
Security Experts Warn of Identity Theft Risk
Although sensitive financial data wasn’t stolen, security experts say the leaked information is still highly valuable to cybercriminals. It could be used for identity theft, phishing attacks, and other scams.
Ryan Sherstobitoff, a senior VP at SecurityScorecard, warned that “retailers are high-value targets for cyberattacks” due to the large amounts of personal data they handle. He added that attacks through third-party vendors highlight serious vulnerabilities in global supply chains.
Adidas Responds
Adidas says it took immediate steps to contain the incident, hired outside cybersecurity experts, and notified law enforcement and data protection authorities. The company also expressed regret over the breach.
“We remain fully committed to protecting the privacy and security of our consumers,” the company stated.
A Growing Problem in Retail
This breach is part of a troubling trend. Major retailers like Marks & Spencer (M&S), Dior, Harrods, and Co-Op have all suffered similar cyberattacks recently. Many of these attacks have been linked to the Scattered Spider ransomware group and involved third-party vendors.
Experts say that with the rise in such incidents, cybersecurity can no longer be an afterthought. Businesses must adopt a proactive, multi-layered approach that includes monitoring their vendors and partners.
As investigations continue, Adidas customers are advised to stay alert for suspicious emails or messages that could be part of phishing scams.
Tags:
Cyber News
