Hackers claim breach of Adidas systems - but it says a third-party is the real victim

News
By published

Was Adidas hacked? Or was it a third-party

  • Lapsus$ hackers claim Adidas extranet hack
  • However Adidas says it was a third-party partner which was breached
  • “A lot of technical data” was reportedly exposed in hack

A group of cybercriminals claim to have broken into Adidas and stole sensitive files, but it seems they only broke into a third-party partner company.

Members of the infamous Lapsus$ hacking collective recently posted a new thread on the BreachForums site claiming to have infiltrated the Adidas extranet (a private network that still allows outsiders to access - in this case, third-party partners) and exfiltrated 815,000 rows of sensitive data.

The data, as per the post, included people’s full names, emails, passwords, dates of birth, company, and “a lot of technical data”.

Who was to blame?

Responding to media inquiries, Adidas said it was investigating the claims, and said it was looking at a breach at one of its partner companies.

"We have been made aware of a potential data protection incident at one of our independent licensing partners and distributor for martial arts products," an Adidas spokesperson told The Register.

"This is an independent company with its own IT systems."

While the German sportswear giant did not want to discuss the date of the incident, or the nature of the files that were nabbed, it did stress that there was "no indication” that the company IT infrastructure, its e-commerce platforms, or any of its consumer data, was affected by this attack.

Lapsus$ is currently one of the more active threat actors out there, sometimes operating independently, and sometimes as part of a bigger collective called Scattered Lapsus Hunters.

The group was first spotted in late 2021, when it targeted the Brazilian Health Ministry’s systems. After that, it made several high-profile breaches, including attacks on Microsoft, Nvidia, and Samsung. It went dark in 2022, but re-emerged last year.

London police arrested seven individuals in the aftermath of the attacks, but quickly released them - but has since re-arrested two more.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.