Adidas disclosed a data breach where attackers hacked a customer service provider and stole some customers' data, including contact information. The stolen information did not include payment-related information or passwords. Adidas immediately contained the incident and launched an investigation, collaborating with information security experts. The company notified relevant authorities and will alert affected customers. Adidas has not revealed further details about the incident, including the name of the impacted service provider, the detection date, the number of individuals affected, or if its own network was compromised.
TPRM report: https://www.rankiteo.com/company/adidas
"id": "adi845052725",
"linkid": "adidas",
"type": "Cyber Attack",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Sportswear',
'location': 'Germany',
'name': 'Adidas',
'type': 'Corporation'}],
'attack_vector': 'Third-party compromise',
'customer_advisories': True,
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'Medium',
'type_of_data_compromised': 'Contact information'},
'description': 'Adidas disclosed a data breach after attackers hacked a '
"customer service provider and stole some customers' data.",
'impact': {'data_compromised': ['contact information']},
'initial_access_broker': {'entry_point': 'Third-party customer service '
'provider'},
'investigation_status': 'Ongoing',
'references': [{'source': 'BleepingComputer'}],
'regulatory_compliance': {'regulatory_notifications': True},
'response': {'communication_strategy': True,
'containment_measures': True,
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'third_party_assistance': True},
'stakeholder_advisories': True,
'title': 'Adidas Data Breach',
'type': 'Data Breach'}