Adidas has announced (May 23, 2025) that it was the target of a recent cyber attack resulting in the theft of customer data. According to a statement posted on the company’s website, criminals gained access to “certain consumer data,” primarily consisting of the contact information of individuals who had interacted with Adidas’ help desk.
The global sportswear brand emphasized that no passwords, credit card information, or other payment data were compromised in the breach. “We remain fully committed to protecting the privacy and security of our consumers, and sincerely regret any inconvenience or concern caused by this incident,” the company stated.
Adidas has taken immediate steps to contain the breach and has launched a comprehensive investigation, enlisting the support of leading information security experts. The company also noted that it is in the process of informing potentially affected customers and has notified relevant data protection and law enforcement authorities in accordance with applicable laws.
Lisa Barber from consumer advocacy group Which? urged Adidas to keep consumers informed with timely updates. She advised affected individuals to monitor bank accounts and credit reports for suspicious activity and to be cautious of unsolicited phone calls, emails, or messages that could be scams exploiting the breach.
The attack on Adidas comes amid a broader surge in cyberattacks targeting major retailers. Marks & Spencer (M&S), Co-op, and Harrods have all recently experienced significant breaches, some of which severely impacted their operations. Authorities are investigating the possibility that an English-speaking hacker group known as Scattered Spider may be behind those incidents. M&S, in particular, has estimated a loss of approximately £300 million due to the attack, about a third of its annual profit.
Adidas has not indicated any operational disruptions resulting from the breach, and there is no evidence linking the attack to the Scattered Spider group. However, the company did previously disclose other data breaches involving its operations in Turkey and South Korea.
The incident underscores the growing cybersecurity threats facing global brands and the importance of robust data protection measures for both companies and consumers.
Stay informed and ahead of the curve — explore more industry insights and program opportunities at ProgramBusiness.com.