Adidas hit by cyber attack in which customer data compromised
The German company said criminals had accessed certain consumer data through a third-party customer service provider.
Adidas confirmed no passwords or credit card data was taken.
'We immediately took steps to contain the incident and launched a comprehensive investigation, collaborating with leading information security experts,' the company said in a statement.
The sportswear giant said the breached data mainly consisted of contact information from consumers who had contacted its customer service help desk in the past.
'Adidas is in the process of informing potentially affected consumers,' it said.
'We remain fully committed to protecting the privacy and security of our consumers, and sincerely regret any inconvenience or concern caused by this incident,' it continued.
The breach on Adidas is the latest in a string of cyber attacks on companies.
A recent cyberattack on Marks & Spencer will cost the retailer around £300m (€357.6m) after the company was targeted over the Easter weekend.
M&S faced availability issues earlier this month after taking some of its systems offline in response to the incident, which the retail group said was caused by 'human error'.
Personal data that could have been accessed includes names, email addresses, postal addresses and dates of birth, according to the supermarket.
It is understood the process was part of a ransomware attack, reported to be linked to the hacking group Scattered Spider, but the company would not comment on potential ransoms.
There is no suggestion that this group is behind the data breach at Adidas.
A hack on Co-op earlier this month also caused significant disruption across its retail chain and led to bare shelves in many of its shops, while luxury shop Harrods in London has also been affected.
The National Crime Agency said it is investigating the attacks on M&S and Co-op individually but is 'mindful they may be linked'.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Reuters
17 minutes ago
- Reuters
S&P Global 'positive' on Wells Fargo as regulatory burden lifts
June 6 (Reuters) - S&P Global (SPGI.N), opens new tab upgraded its outlook on Wells Fargo (WFC.N), opens new tab to "positive" from "stable", the ratings provider said on Friday, after the U.S. bank was released from a $1.95 trillion asset cap earlier this week. The U.S. Federal Reserve's unprecedented, seven-year long punitive measure was imposed on Wells in 2018 and restricted balance sheet growth so the bank could address rampant governance and compliance concerns that had been brought to light in a fake accounts scandal in 2016. The Fed's unanimous decision on Tuesday capped years of efforts by the bank to repair the damage and pay off billions of dollars in fines, sending Wells Fargo shares to a three-month high a day later. The stock has gained nearly 8.3% in a year where the benchmark S&P 500 (.SPX), opens new tab has remained flat. "The positive outlook on the holding company reflects our view that Wells Fargo has substantially improved its underlying governance, risk, and control profile, allowing for the removal of the Fed's asset cap," said S&P. S&P also expects Wells to expand its commercial and investment banking business, "the unit most affected by the asset cap and one that had to turn away some nonoperational deposits from customers." While the fourth-largest U.S. lender was forced to carefully manage wholesale deposits and its markets business, assets of peer JPMorgan Chase (JPM.N), opens new tab swelled by nearly $2 trillion since the start of 2018, while those of Bank of America (BAC.N), opens new tab and PNC Financial (PNC.N), opens new tab added about $1 trillion and nearly $200 billion, respectively.
Telegraph
22 minutes ago
- Telegraph
M&S food sales growth collapses after cyber attack
Rapid growth at Marks & Spencer's food business has ground to a halt after the retailer was struck by a devastating cyber attack that left shelves empty. New figures seen by The Telegraph show that spending in M&S's food halls rose by 0.8pc in the four weeks to May 17 compared with a year earlier. The data covered a period when the retailer was in the initial throes of the hack. It marks a major slowdown from the rampant growth experienced by the retailer over the past year. According to the unpublished figures from analysts at NIQ, grocery spending at M&S had been up by 11pc in the 12 months to May 17. It has consistently ranked among the fastest-growing supermarkets in recent months. The NIQ data showed M&S sold fewer items in the four weeks to May 17 compared with the same period last year and its market share slipped to 3.3pc, compared with 3.6pc in the year as a whole. M&S slipped below Waitrose in the ranks of the largest grocers as a result, having overtaken the retailer for the first time in November. Previous figures had suggested M&S had escaped a major hit from the cyber attack. Separate data from Kantar recently suggested that M&S grocery sales rose by 8pc in the four weeks to May 18 and by 12.3pc in the 12 weeks to the same date. Kantar uses a different methodology, which does not include grocery sales from delivery apps such as Deliveroo. The NIQ survey data shed fresh light on the effect of the cyber attack that has crippled M&S. M&S was forced to halt online orders in mid-April after being struck by a cyber incident, which also disrupted food deliveries into stores. It led to gaps on shelves and forced the retailer to pause some offers in some stores. The attack has been blamed on criminal gang Scattered Spider. Stuart Machin, M&S's chief executive, was reportedly directly contacted by the hackers, with an abuse-filled email seen by the BBC allegedly showing hackers gloated about the attack. M&S declined to comment on the report. Seven weeks after the company disclosed the attack, it is still battling to bring its IT systems back online. M&S has not yet brought back online orders, with disruption expected to continue until July. The retailer has already admitted that the attack will knock an estimated £300m off its profits this year, dealing a setback to Mr Machin's efforts to rapidly grow the retailer. Clive Black, an analyst at Shore Capital, said the hit to food sales was to be 'wholly expected post the cyber incident, when considerable disruption to store operations was evident, meaning lots of gaps at time, famine and feast in terms of product coming into stores managed by manual rather than automated processes'. However, he suggested M&S was likely to experience a 'robust bounce back' once the IT issues were resolved. Richard Hyman, a partner at Aria Intelligent Solutions, added: 'If there was ever a good time for this to happen to M&S, it's now when they're in a position of strength. If this had happened several years ago, I think that one would be much more worried about them.' A spokesman for M&S said: 'We have made good progress in growing our food business and gaining market share over the long term. The most recent Kantar report shows market share growth of over 12pc, which is ahead of the market and underlines our resilience. 'Our stores are back to normal for our customers and have been for some time. We are getting on with providing the best quality products and service for our customers. In fact, just this week, we have launched 100 new or upgraded M&S Food products for summer.'
Scottish Sun
an hour ago
- Scottish Sun
Terrifying message sent by ‘Chinese hackers' to M&S boss after crippling cyber attack on British retailer is revealed
The blackmail message is believed to have included a racist term RANSOM DEMAND Terrifying message sent by 'Chinese hackers' to M&S boss after crippling cyber attack on British retailer is revealed Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) 'CHINESE hackers' allegedly sent a terrifying message to the boss of Marks & Spencer following a crippling cyber-attack on the British retailer. Fraudsters, believed to be from the hacking group DragonForce, are said to have emailed the company's chief executive Stuart Machin and seven other key executives. Sign up for Scottish Sun newsletter Sign up 2 High street retailer Marks & Spencer was hit by a cyber attack over the Easter holiday Credit: Alamy 2 M&S boss Stuart Machin, pictured, along with seven other company executives were emailed by the hackers, believed to be DragonForce Credit: PA The message, written in broken English, was sent on April 23, indicated that M&S was hacked by the ransomware group, although the retailer has not acknowledged this. 'We have marched the ways from China all the way to the UK and have mercilessly raped your company and encrypted all the servers,' the hackers wrote, according to the BBC. 'The dragon wants to speak to you so please head over to [our darknet website].' The link to the darknet shared in the email led to a portal for victims of DragonForce to negotiate a ransom fee. The hackers added: 'Let's get the party started. Message us, we will make this fast and easy for us.' DragonForce's attack during the Easter holiday has been hugely damaging for one of Britain's best-known retailer and is thought to have cost the firm an estimated £300million. After six weeks on from the attack, the retailer is still unable to process online orders. The email was sent to Mr Machin along with seven other top executives, according to the corporation. A racist term is also said to have been included in the blackmail message and also ended with an image of a fire-breathing dragon. Along with installing ransomware in order to cripple M&S's IT system the hackers are also believed to have stolen private data from millions of customers. The £3.50 M&S buy that'll make your whole house smell like a 'boujee candle' Three weeks on from the attack, M&S informed customers that contact details and dates of birth from some shoppers had been obtained by a suspected cyber cartel. M&S also admitted other personal details, including customers' order histories, had also been pilfered by online criminals. Bosses though have stressed that no data relating to shoppers' payment, card details or account passwords had been obtained. It is unclear how many customers have been affected by the data breach. According to the company's full-year results, it had 9.4million active online customers in the year up to March 30. The email apparently sent by DragonForce is thought to have bene sent using the account of an employee from IT company Tata Consultancy Services (TCS), which has provided IT services to the retailer for more than a decade. The Indian IT worker, who is based in London, had an M&S email address but is paid employee of TCS. Timeline of the attack Saturday, April 19: Initial reports emerge on social media of problems with contactless payments and click-and-collect services at M&S stores across the UK. Customers experience difficulties collecting online purchases and returning items due to system issues. Initial reports emerge on social media of problems with contactless payments and click-and-collect services at M&S stores across the UK. Customers experience difficulties collecting online purchases and returning items due to system issues. Monday, April 21: Problems with contactless payments and click-and-collect persist. M&S officially acknowledges the "cyber incident" in a statement to the London Stock Exchange. CEO Stuart Machin apologises for the disruption and confirms "minor, temporary changes" to store operations. M&S notifies the National Cyber Security Centre (NCSC) and the Information Commissioner's Office (ICO) and engages external cybersecurity experts. Problems with contactless payments and click-and-collect persist. M&S officially acknowledges the "cyber incident" in a statement to the London Stock Exchange. CEO Stuart Machin apologises for the disruption and confirms "minor, temporary changes" to store operations. M&S notifies the National Cyber Security Centre (NCSC) and the Information Commissioner's Office (ICO) and engages external cybersecurity experts. Tuesday, April 22: Disruptions continue. M&S takes further systems offline as part of "proactive management". Disruptions continue. M&S takes further systems offline as part of "proactive management". Wednesday, April 23: Despite earlier claims of customer-facing systems returning to normal, M&S continues to adjust operations to maintain security. Contactless payments are initially restored, but other services, including click-and-collect, remain affected. Despite earlier claims of customer-facing systems returning to normal, M&S continues to adjust operations to maintain security. Contactless payments are initially restored, but other services, including click-and-collect, remain affected. Thursday, April 24: Contactless payments and click-and-collect services are still unavailable. Reports surface suggesting the attackers possibly gained access to data in February. Contactless payments and click-and-collect services are still unavailable. Reports surface suggesting the attackers possibly gained access to data in February. Friday, April 25: M&S suspends all online and app orders in the UK and Ireland for clothing and food, although customers can still browse products. This decision leads to a 5% drop in M&S's share price. M&S suspends all online and app orders in the UK and Ireland for clothing and food, although customers can still browse products. This decision leads to a 5% drop in M&S's share price. Monday, April 28: M&S is still unable to process online orders. Around 200 agency workers at the main distribution centre are told to stay home. M&S is still unable to process online orders. Around 200 agency workers at the main distribution centre are told to stay home. Tuesday, April 29: Information suggests that the hacker group Scattered Spider is likely behind the attack. Shoppers spot empty shelves in selected stores. Information suggests that the hacker group Scattered Spider is likely behind the attack. Shoppers spot empty shelves in selected stores. Tuesday, May 13: M&S revealed that some customer information has been stolen. M&S revealed that some customer information has been stolen. Wednesday, May 21: The retailer said disruption from the attack is expected to continue through to July. The retailer said disruption from the attack is expected to continue through to July. It's thought the worker was among the victims hacked. The company had previously said it is investigating if it was a gateway for the cyber attack. It has since informed the BBC the email was not sent from its system and had nothing to do with the security breach. M&S has declined to comment on the latest revelations. A spokesperson for the company told The Sun Online: 'We cannot comment on details of or speculation on the cyber incident, and we have been advised not to.'
