Adidas hit in yet another UK retail data breach
Adidas has confirmed a cyber attack that exposed the personal data of customers who contacted its help desk, adding the German sportswear giant to a growing list of major retailers hit by recent cybersecurity incidents.
The breach, disclosed on 23rd May, involved unauthorised access to a third party customer service provider, through which attackers were able to obtain consumer contact information.
Adidas said the compromised data primarily includes name and contact details but does not involve passwords, credit card information or other payment data.
“We remain fully committed to protecting the privacy and security of our customers, and sincerely regret any inconvenience or concern caused by this incident”, the firm said in a statement on its website.
Adidas added that it “immediately took steps to contain the incident” and launched a comprehensive investigation with external cyber security experts.
The company is currently informing affected customers, as well as notifying relevant data protection and law enforcement authorities.
Cyber breach spree on UK retail
The Adidas breach comes amid a surge in cyber attacks targeting UK and global retailers.
High profile names like Marks & Spencer, Co-op and Harrods have all recently suffered significant cyber security breaches since April.
While Adidas has reported no operational disruption, M&S estimated its own breach would cost the company around £300m, which is a third of its annual profit.
Law enforcement agencies are investigating whether a notorious hacker group named “scattered spider” may be behind these recent attacks.
However, there is no suggestion at this time that the group is responsible for the Adidas breach.
Jake Moore, global cybersecurity advisor at ESET, said: “While it appears no financial data was accessed, this incident highlights the increasing risk of supply chain vulnerabilities that have dominated the retail industry in recent weeks”.
Citi analysts have upheld their buy rating and €290 price target for Adidas, despite today’s breach.
Moore advised Adidas customers to stay vigilant: “It may be worth changing online account passwords as a precaution and staying alert to phishing attempts, as further details about the breach may still emerge”.