Adidas is investigating allegations of a significant data breach involving one of its external partners. The German sportswear giant confirmed that it was made aware of a "potential data protection incident" at an independent licensing partner responsible for martial arts products. The investigation was triggered after a user claiming affiliation with the notorious Lapsus$ group reported compromising the company's extranet. The company emphasized that its own IT infrastructure and consumer e-commerce platforms were not affected. On February 16, the threat actor known as Lapsus$ Group posted a message on a dark web forum claiming responsibility for the incident. According to the statement, the group exfiltrated approximately 815,000 records. The allegedly stolen data includes sensitive personally identifiable information (PII), such as: • First and last names • Email addresses • Passwords • Company names • Dates of birth • Additional unspecified technical dat...
I am a technology writer with a focus on cybersecurity. I cover topics such as malware, vulnerabilities, exploits, and security defenses, as well as research and innovation in information security.