Global Adidas is latest retailer to be hit by major cyber attack Adidas, the world’s second largest sportswear brand, yesterday admitted an “unauthorised” party would have accessed customer data after breaching its systems through a third-party.
This raises the stakes in the current retail cybersecurity meltdown, with an increasing assortment of marquee names falling victim to breaches in the last few months.
Adidas said that data shared with the data breaches is limited to contact details from consumers who had made contact with the company via its contact channels. Even though the firm said no passwords or payment data were compromised, the breach has raised plenty of questions about consumer data being handled by outsourced suppliers.
Adidas has been conducting a full on probe of the incident, and is currently coordinating with data specialists in order to determine the extent of the exposure and work out countermeasures. Customers impacted are being notified directly by the company.
The Adidas cyber-attack is another example of a wider consumer retail threat. It’s the second high-profile retailer to become a target in as many months in a pattern of hacks and attacks that have become all too common. British high-street institution Marks & Spencer was hit by a major cyber attack in April which then temporarily halted its online business.
Other retailers impacted include Dutch conglomerate Ahold Delhaize, upmarket department store Harrods, supermarket chain Co-Op and fashion house Dior. The episodes underscore the exposure of retailers, who have access to vast troves of sensitive customer data and are increasingly dependent on complex digital supply chains.
Security experts are warning that retail, with all the data it holds, is an appealing target for cybercriminals. The breaches tend to take advantage of flaws in third-party applications, employee accounts or backend infrastructure.
Receding are the days of simple virus and bot attacks, and this growing threat environment demands a proactive and robust security posture that incorporates rigorous third-party vendor monitoring, the most advanced of security architectures such as zero-trust frameworks, and holistic employee training to thwart phishing and other common threat vectors.
And Governments and international agencies are getting more serious about fighting the accelerating cyberchemical warfare, organizing to respond and getting guidelines in place for reporting vulnerabilities.
The fact that more and more retailers such as Adidas are becoming victims to these attacks goes to show that cybersecurity is no longer an optional subject, but a mandatory one across the industry.
Retailers need to focus on security investments and take a more aggressive approach to defend both their shoppers and their business in an increasingly dangerous threat environment.
