(Credit: Plexi Images/GHI/Universal Images Group via Getty Images)
Lately it seems like every week comes with news of a data breach or cyberattack. This time it’s sportswear giant Adidas, which confirms that a breach at a third-party customer service provider left “certain consumer data” exposed.
"Adidas recently became aware that an unauthorized external party obtained certain consumer data through a third-party customer service provider," Adidas says. "We immediately took steps to contain the incident and launched a comprehensive investigation, collaborating with leading information security experts."
Details about affected data are scarce, but the company confirms it doesn't contain passwords, credit cards, or any other payment-related information.
Adidas is the second largest sports goods manufacturer in the world, with stores in six of the seven continents. When asked if the attack affects US customers, a spokesperson said only that "we can confirm that it affects certain consumers who had contacted our customer help desk in different countries," they said.
The company is notifying customers about the attack and has reported the issue to data protection and law enforcement authorities, as required by law.
As usual, if you have received communication regarding the breach, keep an eye out for suspicious activity on your bank accounts and credit reports. And be wary of unexpected phone calls, emails, or social media messages, as those could be phishing messages from cybercriminals who got hold of some basic contact information. For more, check out How to Spot and Avoid Phishing Scams: 5 Tips From Our Security Expert.
According to Bleeping Computer, Adidas disclosed similar customer service breaches in Turkey and South Korea earlier this month. Those attacks impacted customers who reached out to the company's help desk in 2024 or earlier.
In 2018, the company's US website was hacked, exposing the contact information, usernames, and encrypted passwords of "a few million consumers."
While this breach reportedly did not include sensitive data, it's a good reminder to review the security of your online accounts. Make sure you're not re-using passwords across services and consider a password manager like 1Password to keep all your accounts safe.
After breaches like this one, cybercriminals often used stolen data for phishing scams. So, be on alert for strange emails or messages. Don't click on links or give away any personal information. If something seems off, go directly to the merchant's website or call their customer service.
If you’re still concerned, consider identity theft protection software. You can also freeze your credit. The latter is a simple process that only takes a few minutes, and ensures nobody can open new lines of credit in your name, or access your credit report.