Multinational apparel design and manufacturing corporation Adidas alerted customers of an incident that possibly affected the security of their data.
On 28 June, Adidas’ headquarters located in Herzogenaurach, Germany posted a statement about the incident to its website. The notice revealed that Adidas first learned about the issue two days earlier when an unauthorized party claimed to have gained access to some customers’ data.
Adidas did not specify the exact number of customers who might have been affected by the attackers. Even so, a spokeswoman for the company did provide some insight in an email. As quoted by Bloomberg:
We are alerting certain consumers who purchased on adidas.com/US about a potential data security incident. At this time this is a few million consumers.
According to its statement, Adidas began working with security firms and law enforcement soon after it learned about the issue in order to investigate what happened. That joint effort revealed that the incident might have exposed customers’ contact information, usernames and encrypted passwords.
The company did not find evidence suggesting the attackers had misused customers’ information in any way at the time of publication.
This potential breach isn’t the only time a well-known retailer has suffered a security incident in recent months. Under Armour announced its own security incident in March when it learned that an unauthorized party had viewed data pertaining to user accounts on MyFitnessPal, a platform which tracks users’ exercise and diet. That particular event is thought to have exposed the account information of 150 million MyFitnessPal users.
A month later, news emerged about a sale of millions of credit cards presumably stolen from customers of luxury department stores Saks Fifth Avenue and Lord & Taylor.
These incidents highlight the need for retailers to strengthen their security systems in defense of customers’ information. Learn how Tripwire can help.