- Adidas announced on Thursday that an “unauthorized party” said it had gained access to certain customer data on its US website.
- The data that could have been impacted includes contact information, like addresses and email addresses, as well as login information, but not financial or fitness information.
- Adidas says it is conducting a forensic review and is alerting customers who could have been affected.
Adidas announced on Thursday that a possible security breach may have put some of its customers’ data at risk.
The company said that an “unauthorized party” said it had gained access to customer data on Adidas’ US website. Currently, it believes only customers who shopped on and purchased items from the US version of Adidas.com may have been affected by the breach.
The data that is potentially at risk includes customer contact information, like email addresses and physical addresses, as well as login information, like usernames and passwords. The passwords were stored with an encryption, however, which would need to be unencrypted before they could be used.
Adidas said that credit-card information and fitness data were likely not affected by the breach. The company first became aware of the issue on June 26, but did not disclose when the breach is believed to have occurred.
Adidas did not say exactly how many customers may have been affected by the potential breach, but an Adidas spokeswoman confirmed it is likely "a few million." It is currently working to determine the scope of the incident.
The company is now working with security firms on a forensic investigation to find out what happened, and it is in the process of alerting customers who may have been affected.
"Adidas is committed to the privacy and security of its consumers' personal data. Adidas immediately began taking steps to determine the scope of the issue and to alert relevant consumers. Adidas is working with leading data security firms and law enforcement authorities to investigate the issue," an Adidas spokeswoman told Business Insider.