Adidas Hit By Data Breach After M&S Hack — Here’s What Was Stolen

Sporting goods giant Adidas (ADDYY) has confirmed that some customer data was accessed without authorization, following a breach involving a third-party service provider.

The incident comes after a major cyber attack at Marks & Spencer last month, which crippled the UK retailer's online systems and would shrink its profits by about $400 million this year.

The German brand said on Friday that an external entity obtained consumer data through a third-party customer service provider. The data includes contact information and does not include passwords, credit cards, or any other payment-related information.

Adidas shares in Germany dropped 2.7% on Friday. They have recovered the losses since.

The number of customers affected and where they are were not disclosed.

Adidas said it had contained the incident and was working with security agencies to investigate the breach, though it did not provide further details.

It added that the company is now in the process of informing customers.

In the case of M&S, investigators revealed that malicious actors linked to a broader wave of attacks on UK retailers targeted the company.

M&S has said the information stolen could include contact details such as people's names, home addresses, phone numbers, email addresses, dates of birth, and online order history.

The incidents have renewed scrutiny of data security, particularly in the retail sector, where companies handle vast volumes of customers' personally identifiable and financial information.

Last month, Walmart-owned (WMT) Sam’s Club confirmed it is investigating a possible cyberattack after the prolific Clop ransomware gang referenced the retailer on a leak site.

Adidas’ over-the-counter (OTC) market shares last traded at $120.91, 1.2% down for the year.

For updates and corrections, email newsroom[at]stocktwits[dot]com.