• Home
  • cyber
  • Adidas and Double D: Prolific hacking gang claims Adidas Extranet, promises more
cyber Breach

Adidas and Double D: Prolific hacking gang claims Adidas Extranet, promises more

May 1, 2025 2 min read
Adidas and Double D: Prolific hacking gang claims Adidas Extranet, promises more

Lapsus$ Claims Breach of Adidas Extranet, But Scope Remains Disputed

The hacking group Lapsus$ has claimed responsibility for breaching the Adidas Extranet a secure portal used by the company’s business partners, suppliers, and employees allegedly exposing around 815,000 rows of data. The compromised information reportedly includes usernames, passwords, and technical details, though only 130 accounts appear to have been directly affected.

Lapsus$ suggested the breach was part of a larger operation, hinting at an upcoming "something bigger." However, cybersecurity researchers at Cybernews dispute the severity of the incident, arguing that the group exaggerated its impact. The leaked data, they say, primarily originates from Double D, a French Adidas licensee specializing in combat sports, rather than Adidas itself. The exposed records include personal details such as names, email addresses, passwords, birthdates, and company information.

While Lapsus$ is considered one of the most active English-speaking cybercrime groups alongside Scattered Spider and ShinyHunters analysts note that the breach may have been inflated for notoriety. The group also claimed to possess 420GB of Adidas-related data tied to the French market, though researchers found the dataset included irrelevant entries, such as SQL commands.

Adidas confirmed a third-party breach in May 2025, though the connection to this incident remains unclear. The potential for phishing attacks using the leaked data persists, but experts caution against overstating the breach’s scale.

Source: https://cybernews.com/security/lapsus-hacking-gang-adidas-data-breach/

Adidas TPRM report: https://www.rankiteo.com/company/adidas

Double D TPRM report: https://www.rankiteo.com/company/double-d-ranchwear

"id": "adidou1771324504",
"linkid": "adidas, double-d-ranchwear",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '130 accounts directly affected '
                                              '(815,000 rows of data exposed)',
                        'industry': 'Apparel and Footwear',
                        'location': 'Global (primary breach via French '
                                    'licensee)',
                        'name': 'Adidas',
                        'size': 'Large',
                        'type': 'Corporation'},
                       {'industry': 'Combat Sports Apparel',
                        'location': 'France',
                        'name': 'Double D',
                        'type': 'Licensee'}],
 'customer_advisories': 'Potential phishing risks due to leaked data',
 'data_breach': {'number_of_records_exposed': '815,000 rows (130 accounts '
                                              'directly affected)',
                 'personally_identifiable_information': 'Names, email '
                                                        'addresses, '
                                                        'birthdates, company '
                                                        'information',
                 'sensitivity_of_data': 'High (PII, passwords)',
                 'type_of_data_compromised': 'Personal Identifiable '
                                             'Information (PII), Credentials, '
                                             'Technical Details'},
 'date_publicly_disclosed': '2025-05',
 'description': 'The hacking group Lapsus$ has claimed responsibility for '
                'breaching the Adidas Extranet, a secure portal used by the '
                'company’s business partners, suppliers, and employees, '
                'allegedly exposing around 815,000 rows of data. The '
                'compromised information reportedly includes usernames, '
                'passwords, and technical details, though only 130 accounts '
                'appear to have been directly affected. The breach may have '
                'been exaggerated for notoriety, with researchers suggesting '
                'the data primarily originates from Double D, a French Adidas '
                'licensee.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'data exposure',
            'data_compromised': 'Usernames, passwords, technical details, '
                                'names, email addresses, birthdates, company '
                                'information',
            'identity_theft_risk': 'High (due to PII exposure)',
            'systems_affected': 'Adidas Extranet (third-party portal)'},
 'investigation_status': 'Disputed (scope and origin under review)',
 'motivation': 'Notoriety, Potential Financial Gain',
 'post_incident_analysis': {'root_causes': 'Third-party vulnerability (Double '
                                           'D licensee)'},
 'recommendations': 'Enhance third-party security assessments, monitor for '
                    'phishing attacks using leaked data, verify breach claims '
                    'before public disclosure',
 'references': [{'source': 'Cybernews'}],
 'response': {'communication_strategy': 'Adidas confirmed a third-party breach '
                                        'in May 2025'},
 'threat_actor': 'Lapsus$',
 'title': 'Lapsus$ Claims Breach of Adidas Extranet',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.