Adidas has taken immediate steps to contain the incident and has launched a comprehensive investigation in collaboration with leading information security experts. The company is in the process of informing potentially affected consumers and has notified appropriate data protection and law enforcement authorities, in accordance with applicable laws. (Reuters)
This incident underscores the critical importance of robust third-party risk management. Fletcher Davis, senior security research manager at BeyondTrust, emphasized that third-party breaches can quickly become an organization's own breaches. He advocates for mandating security assessments, multifactor authentication, and zero-trust architecture for all vendor access, along with deploying real-time identity infrastructure monitoring to reduce response times.
Adidas is not alone in facing such challenges; other major retailers like Co-op Group, Marks & Spencer, and Harrods have also been recent targets of cyberattacks. These incidents highlight the growing need for organizations to strengthen their cybersecurity measures, particularly concerning third-party vendors.
As the investigation continues, Adidas aims to reinforce its security infrastructure to prevent future breaches and protect customer data.