Adidas Alleged Data Breach | 815,000 Records of Customer Data Stolen

Summary

Adidas is investigating a potential data breach involving one of its independent third-party partners after claims surfaced on BreachForums that a threat actor affiliated with the Lapsus$ hacking collective accessed their systems.

The alleged data affected:
• Approximately 815,000 customer and technical records.
• Actors separately claimed to hold roughly 420GB of Adidas-related data tied to the French market.

Adidas has stated that its internal IT systems and e-commerce platforms were not directly compromised, and the breach involves an external partner’s IT environment.

Research Source

Reporting and analysis from Cybersecurity News and supporting research from multiple outlets indicate that the alleged compromise originates from a third-party extranet portal.

Threat actor activity suggests the attacker obtained data from the partner’s systems and publicized it online. Adidas has engaged forensic teams to investigate the claim and verify the scope of affected data.

Technical Details

The incident appears to involve:
• Unauthorized access to a third-party licensing or partner portal
• Exfiltration of database records, potentially including customer contact information, technical identifiers, and other sensitive data

At this time, there is no public evidence of compromise of Adidas internal servers or customer accounts.

Observed Attack Activity

Reported behavior from threat actor postings includes:
Data Exfiltration
• Bulk download of customer records (815,000 rows)
• Posting of exfiltrated data to breach forums

Potential Secondary Activity
• Phishing or credential stuffing using stolen information
• Attempts to gain access to additional systems through the partner’s network

No specific malware deployment or ransomware activity has been publicly confirmed.

Impact

Compromise of the third-party partner may allow attackers to:

• Access personal and technical customer data
• Attempt social engineering or targeted attacks against Adidas customers
• Potentially exploit partner connections to other corporate systems

Because the breach involves an external vendor, the risk is primarily through supply chain exposure, highlighting the need for careful third-party cybersecurity monitoring.

Mitigation

Adidas recommends:

• Engaging forensic teams to verify the claims and scope of exposure
• Reviewing third-party access and permissions
• Communicating with affected partner to secure and audit their systems
• Monitoring for potential phishing or fraudulent activity using exposed data
• Enhancing monitoring of supply-chain/vendor networks
• Organizations should assume a supply-chain breach risk and act to mitigate possible downstream impacts.

References

• Cybersecurity News: https://cybersecuritynews.com/adidas-investigates-data-breach/
• HelpNetSecurity: https://www.helpnetsecurity.com/2026/02/19/adidas-third-party-data-breach-investigation/?
• TechRadar: https://www.techradar.com/pro/security/hackers-claim-breach-of-adidas-systems-but-it-says-a-third-party-is-the-real-victim?