On 28 June 2018, athletic apparel company Adidas announced that its US website had suffered a data breach, exposing online customers’ personal data.
The breach was detected on 26 June. In its statement, Adidas said:
“According to the preliminary investigation, the limited data includes contact information, usernames and encrypted passwords. Adidas has no reason to believe that any credit card or fitness information of those consumers was impacted.”
In line with the EU GDPR’s (General Data Protection Regulation) requirements, the Germany-based brand officially reported the incident within the 72-hour timeframe and implemented an incident response process that included cautioning affected customers and advising them to check their payment card statements and to change their passwords.
It is believed that only adidas.com/US customers were impacted – the company’s other web stores, and those of its subsidiary Reebok, were not affected.
Adidas is the second largest sportswear manufacturer in the world, and this data security incident demonstrates yet again that organisations of all types are at threat of attack.
It is essential that organisations know how to respond appropriately to a cyber security incident.
If you would like more information on how to do this, request a call with one of our retail experts.
Alternatively, visit our shop and browse the available solutions. With everything from pocket guides to full consultancy available, we can help you regardless of your scale or budget.
Prepare now so that you aren’t caught unawares!