"Allegations of an incident at Adidas emerged on February 16, when someone claiming to be the Lapsus$ Group posted on BreachForums (screenshot shared here on Daily Dark Web) that they compromised the sportswear giant's extranet. According to the crooks, the stolen files - 815,000 rows of information - allegedly include: first and last names, email addresses, passwords, birthdays, company names, and "a lot of technical data.""
"Lapsus$ is a chaotic crew of teens and young people that gained notoriety during a 2021-2022 crime spree. The gang broke into and attempted to extort telecoms giant BT, Nvidia, Microsoft, Samsung, Vodafone, fintech firm Revolut, and Okta, using a mix of phone-based social engineering, SIM swapping, and even paying employees of target organizations for access to credentials and multi-factor authentication (MFA) codes."
Adidas confirmed awareness of a potential data protection incident at an independent licensing partner and distributor for martial arts products. The partner operates its own IT systems. Adidas declined to specify timing or exact data stolen but stated there is no indication that Adidas IT infrastructure, e-commerce platforms, or consumer data are affected. Someone claiming to be the Lapsus$ Group posted on BreachForums on February 16 claiming to have compromised an extranet and stolen 815,000 rows of data including names, emails, passwords, birthdays, company names, and technical data. A similar third-party incident affected Adidas in May 2025.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]