Adidas Admits Data Breach Following Third-Party Attack
Adidas shoes in store window. Adidas AG is a German sports apparel manufacturer and parent company ... More of the Adidas Group.
Adidas is once again in the cybersecurity spotlight. This time the breach came through a side door. Attackers infiltrated a third-party customer service provider and accessed the contact information of Adidas customers, as reported by Bleeping Computer. This incident highlights a growing trend: hackers are increasingly targeting vendors to bypass the more robust defenses of global brands.
Adidas confirmed that names, email addresses and phone numbers of customers who contacted support were exposed. No payment or password data was compromised, but the information is a potential goldmine for phishing and social engineering attempts. The company has begun notifying affected users and has reported the breach to data protection regulators and law enforcement, as required by law.
This is not Adidas' first data security incident. In 2018, the company suffered a breach affecting millions of U.S. customers. Adidas disclosed separate incidents in Turkey and South Korea, both involving third-party customer service providers and exposing similar personal data.
Cybercriminals have shifted tactics. Instead of attacking a company's main network, they look for poorly guarded side doors. Third-party vendors often lack the robust security measures of the companies they serve, making them attractive targets.
Key factors fueling this trend include:
Verizon's 2025 Data Breach Investigations Report found that 30 percent of breaches last year involved external service providers, raising ongoing concerns around vendor risk management and security oversight.
Forward-thinking retailers are adopting new strategies to reduce third-party risk. Consider these best practices:
The Adidas breach is not an isolated event. It is a warning for the entire retail sector. As hackers become more sophisticated, companies must treat third-party risk as a top priority, not just a compliance issue.
Key takeaways for business leaders:
For businesses, remember that your security is only as strong as your weakest partner. The companies that thrive will be those that treat every link in their supply chain as a potential point of failure and act accordingly.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
WIRED
38 minutes ago
- WIRED
Cops in Germany Claim They've ID'd the Mysterious Trickbot Ransomware Kingpin
Matt Burgess Lily Hay Newman May 30, 2025 9:22 AM The elusive boss of the Trickbot and Conti cybercriminal groups has been known only as 'Stern.' Now, German law enforcement has published his alleged identity—and it's a familiar face. Photograph:For years, members of the Russian cybercrime cartel Trickbot unleashed a relentless hacking spree on the world. The group attacked thousands of victims, including businesses, schools, and hospitals. 'Fuck clinics in the usa this week,' one member wrote in internal Trickbot messages in 2020 about a list of 428 hospitals to target. Orchestrated by an enigmatic leader using the online moniker 'Stern,' the group of around 100 cybercriminals stole hundreds of millions of dollars over the course of roughly six years. Despite a wave of law enforcement disruptions and a damaging leak of more than 60,000 internal chat messages from Trickbot and the closely associated counterpart group Conti, the identity of Stern has remained a mystery. Last week, though, Germany's federal police agency, the Bundeskriminalamt or BKA, and local prosecutors alleged that Stern's real-world name is Vitaly Nikolaevich Kovalev, a 36-year-old, 5'11' Russian man who cops believe is in his home country and thus shielded from potential extradition. A recently issued Interpol red notice says that Kovalev is wanted by Germany for allegedly being the 'ringleader' of a 'criminal organisation.' 'Stern's naming is a significant event that bridges gaps in our understanding of Trickbot—one of the most notorious transnational cybercriminal groups to ever exist,' says Alexander Leslie, a threat intelligence analyst at the security firm Recorded Future. 'As Trickbot's 'big boss' and one of the most noteworthy figures in the Russian cybercriminal underground, Stern remained an elusive character, and his real name was taboo for years.' Stern has notably seemed to be absent from multiple rounds of Western sanctions and indictments in recent years calling out alleged Trickbot and Conti members. Leslie and other researchers have long speculated to WIRED that global law enforcement may have strategically withheld Stern's alleged identity as part of ongoing investigations. Kovalev is suspected of being the 'founder' of Trickbot and allegedly used the Stern moniker, the BKA said in an online announcement. 'It has long been assumed, based on numerous indications, that 'stern' is in fact 'Kovalev',' a BKA spokesperson says in written responses to questions from WIRED. They add that, 'The investigating authorities involved in Operation Endgame were only able to identify the actor stern as 'Kovalev' during their investigation this year,' referring to a multi-year international effort to identify and disrupt cybercriminal infrastructure, known as Operation Endgame. The BKA spokesperson also notes in written statements to WIRED that information obtained through a 2023 investigation into the Qakbot malware as well as analysis of the leaked Trickbot and Conti chats from 2022 were 'helpful' in making the attribution. They added, too, that the 'assessment is also shared by international partners.' The German announcement is the first time that officials from any government have publicly alleged an identity for a suspect behind the Stern moniker. As part of Operation Endgame, BKA's Stern attribution inherently comes in the context of a multinational law enforcement collaboration. But unlike in other Trickbot and Conti-related attributions, other countries have not publicly concurred with BKA's Stern identification thus far. Europol, the US Department of Justice, the US Treasury, and the UK's Foreign, Commonwealth & Development Office did not immediately respond to WIRED's requests for comment. Several cybersecurity researchers who have tracked Trickbot extensively tell WIRED they were unaware of the announcement. An anonymous account on the social media platform X recently claimed that Kovalev used the Stern handle and published alleged details about him. WIRED messaged multiple accounts that supposedly belong to Kovalev, according to the X account and a database of hacked and leaked records compiled by District 4 Labs but received no response. Meanwhile, Kovalev's name and face may already be surprisingly familiar to those who have been following recent Trickbot revelations. This is because Kovalev was jointly sanctioned by the United States and United Kingdom in early 2023 for his alleged involvement as a senior member in Trickbot. He was also charged in the US at the time with hacking linked to bank fraud allegedly committed in 2010. The US added him to its most wanted list. In all of this activity, though, the US and UK linked Kovalev to the online handles 'ben' and 'Bentley.' The 2023 sanctions did not mention a connection to the Stern handle. And, in fact, Kovalev's 2023 indictment was mainly noteworthy because his use of 'Bentley' as a handle was determined to be 'historic' and distinct from that of another key Trickbot member who also went by 'Bentley.' The Trickbot ransomware group first emerged around 2016, after its members moved from the Dyre malware that was disrupted by Russian authorities. Over the course of its lifespan, the Trickbot group—which used its namesake malware, alongside other ransomware variants such as Ryuk, IcedID, and Diavol—increasingly overlapped in operations and personnel with the Conti gang. In early 2022, Conti published a statement backing Russia's full-scale invasion of Ukraine, and a cybersecurity researcher who had infiltrated the groups leaked more than 60,000 messages from Trickbot and Conti members, revealing a huge trove of information about their day-to-day operations and structure. Stern acted like a 'CEO' of the Trickbot and Conti groups and ran them like a legitimate company, leaked chat messages analyzed by WIRED and security researchers show. 'Trickbot set the mold for the modern 'as-a-service' cybercriminal business model that was adopted by countless groups that followed,' Recorded Future's Leslie says. 'While there were certainly organized groups that preceded Trickbot, Stern oversaw a period of Russian cybercrime that was characterized by a high level of professionalization. This trend continues today, is reproduced worldwide, and is visible in most active groups on the dark web.' Stern's eminence within Russian cybercrime has been widely documented. The cryptocurrency tracing firm Chainalysis does not publicly name cybercriminal actors and declined to comment on BKA's identification, but the company emphasized that the Stern persona alone is one of the all-time most profitable ransomware actors it tracks. 'The investigation revealed that stern generated significant revenues from illegal activities, in particular in connection with ransomware,' the BKA spokesperson tells WIRED. Stern 'surrounds himself with very technical people, many of which he claims to have sometimes decades of experience, and he's willing to delegate substantial tasks to these experienced people whom he trusts,' says Keith Jarvis, a senior security researcher at cybersecurity firm Sophos' Counter Threat Unit. 'I think he's always probably lived in that organizational role.' Increasing evidence in recent years has indicated that Stern has at least some loose connections to Russia's intelligence apparatus, including its main security agency, the Federal Security Service (FSB). The Stern handle mentioned setting up an office for 'government topics' in July 2020, while researchers have seen other members of the Trickbot group say that Stern is likely the 'the link between us and the ranks/head of department type at FSB.' Stern's consistent presence was a significant contributor to Trickbot and Conti's effectiveness—as was the entity's ability to maintain strong operational security and remain hidden. As Sophos' Jarvis put it, 'I have no thoughts on the attribution as I've never heard a compelling story about Stern's identity from anyone prior to this announcement.'
Forbes
an hour ago
- Forbes
New Attack Steals Your Windows Email, Passwords, 2FA Codes And More
The latest Katz malware version can steal most everything. Infostealers are the new black. When it comes to hacking fashion, malware that steals user credentials has been in vogue for a while now. We've seen the evidence in the 19 billion compromised passwords that are already available online, or the 94 billion browser cookies published to the Dark Web and Telegram channels. Microsoft has been spearheading the fight against the credential-stealing criminals, leading the recent global takedown of large parts of the Lumma Stealer network infrastructure, for example. Yet, the danger still persists; in fact, it is evolving. New research has revealed that a notorious threat to Windows users has emerged in the form of a new variant that can steal most anything and everything. Here's what you need to know about Katz. There is nothing particularly unusual about the way that the Katz Stealer malware is distributed. Victims are targeted through the usual cybercriminal methods, including phishing emails, malicious advertisements, dangerous search results, and dodgy downloads. Once installed, however, Katz looks to see if you are using Google Chrome, Microsoft Edge or the Brave web browser and goes into what is known as headless mode. This is pretty much as it sounds, a browser with no visible interface, running 'headless' in the background but with the body able to render pages and interact with the web as normal. Katz can also bypass Google's app-bound encryption protections for Chrome, according to security researchers, which would aid in the credential-stealing payload. And it's the payload that has us shaking our collective heads in disbelief. A May 23 analysis of the latest Katz Stealer malware, by the Nextron threat research team, has revealed the true extent of this steal-everything threat to Windows users. According to the full analysis, which I would recommend you go and read, after you finish here, of course, the range of Katz when it comes to data that can be stolen is, well, extensive. As well as the usual mitigation advice for consumers to deploy two-factor authentication and passkeys on all accounts where available, apply all operating system and browser security updates as soon as possible and be alert to all the usual phishing tricks, the Nextron threat research team recommended the following for enterprise users: Nextron also suggested watching out for the scanning of Windows registry keys and files associated with popular browsers and wallet applications, as this is indicative of Katz Stealer activity. As Sergeant Phil Esterhaus used to say, if you know you know, 'be careful out there.'
Forbes
an hour ago
- Forbes
Google Issues New $1 Trillion Threat Security Advisory
Google issues new scam threats advisory. dpa/picture alliance via Getty Images Whether it's the FBI warning about smartphone attacks leveraging fears of deportation in the U.S. foreign student population, recommendations to use a secret code as AI-powered phishing campaigns evolve, instant takeover attacks targeting Meta and PayPal users, or confirmed threats aimed at compromising your Gmail account, there is no escaping the cyber-scammers. Indeed, the Global Anti-Scam Alliance, whose advisory board includes the head of scam prevention at Amazon, Microsoft's director of fraud and abuse risk, and the vice president of security solutions with Mastercard, found that more than $1 trillion was lost globally to such fraud in 2024. But do not despair, despite the Federal Trade Commission warning of a 25% year-on-year increase in losses, Google is fighting back. Here's what you need to know. There can be no doubt that online scams, of all flavors, are not only increasing in volume, but they are also evolving. We've seen evidence of this in the increasing availability and cost-effectiveness of employing AI to empower such threat campaigns. No longer the sole stomping ground of solo actors and chancers looking to make a few bucks here and there, the scams threat landscape is now dominated by organized international groups operating at scale. The boundary between online and physical, offline fraud is blurring. Hybrid campaigns are a reality, combining phone calls with internet calls to action. The Global Anti-Scam Alliance State of Scams Report, published in November 2024, revealed the true cost of such crimes: $1.03 trillion globally in just 12 months. A March 2025 report from the Federal Trade Commission showed that U.S. consumers alone had lost $12.5 billion last year, up 25% from 2023. And that GASA report also found that only 4% of victims worldwide reported being able to recover their losses. Something has to be done, and Google's Trust and Safety teams, responsible for tracking and fighting scams of all kinds, are determined that they are the people to help do it. 'Scammers are more effective and act without fear of punishment when people are uninformed about fraud and scam tactics,' Karen Courington, Google's vice president of consumer trusted experiences, trust & safety, said. In addition to tracking and defending against scams, Google's dedicated teams also aim to inform consumers by analyzing threats and sharing their observations, along with mitigation advice. The May 27 Google fraud and scams advisory, does just that, describing the most pressing of recent attack trends that have been identified. These are broken down into five separate scams, each complete with mitigating best practice recommendations, as follows: Customer support scams, often displaying fake phone numbers while pretending to be legitimate help services, are evolving and exploiting victims through a combination of social engineering and web vulnerabilities, Google warned. Along with the protection offered by Gemini Nano on-device to identify dangerous sites and scams, Google advised users should 'seek out official support channels directly, avoid unsolicited contacts or pop-ups and always verify phone numbers for authenticity." Malicious advertising scams, often employing the use of lures including free or cracked productivity software and games, have also evolved. 'Scammers are setting their sights on more sophisticated users,' Courington said, 'those with valuable assets like crypto wallets or individuals with significant online influence.' Google uses AI and human reviews to combat the threat and block ad accounts involved in such activity. Only download software from official sources, beware of too good to be true offers, and pay particular attention browser warnings when they appear, Google said. Google's teams have seen an increase in fake travel websites as the summer vacations get closer, usually luring victims with cheap prices and unbelievable experiences. Again, these will likely impersonate well-known brands, hotels, and agencies. Google advised users to use its tools such as 'about this result' to verify website authenticity. 'Avoid payment methods such as wire transfers or direct bank deposits,' Courington said, 'especially if requested via email or phone.' The old chestnut of package tracking scams has not vanished, more's the pity. 'These scams often trick users into paying additional fees that real delivery services would never request,' Courington explained. Google has seen these scammers employing a tactic whereby the websites and messages used are changed dynamically, based on when the link is sent to the victim. Scam detection in Google Messages has been deployed as one level of protection by Google, but Courington also recommended users should verify the status of any expected package with the shipping company or seller rather than by a link from an unknown source. And finally, there's also no escaping the road toll scams that continue to appear. 'A toll road scam involves scammers sending fraudulent text messages claiming that you owe unpaid toll fees,' Courington warned. Thankfully, these are not always the most realistic of threats, with Google analysts seeing users spammed by toll road fee claims in states that don't even have any toll roads. The best mitigating advice remains stopping to pause, count to ten, and ask yourself if the claim is a plausible one. If it is, then confirm it directly with the toll operator rather than via a link in a message.
