Adidas AG is the latest company to come under attack from cyber-thieves looking to steal personal information, with millions of customers potentially at risk. The athletic-wear company announced in a press release on Thursday that an “unauthorised party” claims to have acquired customer data from its U.S. website.
“We are alerting certain consumers who purchased on adidas.com/US about a potential data security incident. At this time this is a few million consumers,” a spokeswoman said in an email.
According to a preliminary investigation conducted by outside data security firms and law enforcement, the leaked data is believed to be limited in scope, including contact information, usernames and encrypted passwords. Adidas said it does not believe any credit card or health and fitness information was compromised.
“The limited data includes contact information, usernames and encrypted passwords,” the statement said. “Adidas has no reason to believe that any credit card or fitness information of those consumers was impacted,” the company added.
Adidas first became aware of the security issue on June 26, when “an unauthorized party” claimed to have acquired some of its consumer data, but it did not say when the breach occurred.
Adidas is working with law enforcement and data security experts to address the issue, and is alerting consumers who may have been affected, it said.
This news adds Adidas to a growing list of companies and institutions targeted in cyber attacks, including aerospace giant Boeing Co., airlines like Delta Air Lines Inc., natural gas pipelines and electric utilities and retailers Hudson’s Bay Co. and Under Armour Inc., which in late March disclosed the accounts of about 150 million users of its nutrition-tracking app MyFitnessPal had been hacked.
A data breach can threaten not just customers, but also the brand’s image. According to a recent KPMG study, 55% of consumers surveyed globally have decided against purchasing something online due to privacy concerns.
Tags:
News