Adidas have suffered a security breach that may have put some of its customers’ data at risk. The company said that an “unauthorized party” said it had gained access to customer data on Adidas’ US website. Currently, it believes only customers who shopped on and purchased items from the US version of Adidas.com may have been affected by the breach.
Commenting on the news is Javvad Malik, security advocate at AlienVault, who said:
“The Adidas breach highlights two unfortunate trends. Firstly, that the company was apparently made aware of the breach through an unauthorised third party which claimed to have access to its customer details. It reinforces the need to have strong monitoring and threat detection controls in place so that enterprises can detect breaches themselves in a timely manner.
Secondly, without having monitoring controls in place, a company cannot say with certainty whether the claim of a breach is true or not. This leads to any malicious party being able to claim that they have breached a company, even if they haven’t, leading to unnecessary activity needing to be undertaken by the company and its customers, not to mention the potential lack of trust this creates.”