Ethical Hacking News
Adidas has confirmed an investigation into a third-party data breach after a notorious cybercrime gang claimed they stole sensitive information from the German sportswear giant. The incident follows a similar breach in 2025 and highlights the ongoing threat posed by third-party security incidents.
Adidas initiated an investigation into a potential data protection incident at one of its third-party partner companies. The alleged breach occurred in February 2026, when sensitive information and technical data were stolen from Adidas' extranet. Approximately 815,000 rows of information were compromised, including personal and technical data. Stolen files contained sensitive information such as passwords, birthdays, and company names. The investigation is ongoing, with limited information provided by Adidas' spokesperson. Lapsus$ has been linked to numerous recent data breaches across various industries.
Adidas, a leading global sportswear brand, has initiated an investigation into a potential data protection incident at one of its third-party partner companies. According to recent reports, the German multinational corporation was allegedly targeted by the notorious cybercrime gang, Lapsus$, which claimed to have stolen sensitive information and technical data from Adidas' extranet.
The alleged breach occurred in February 2026, when an individual claiming to be affiliated with Lapsus$ posted on BreachForums, a platform often used by hackers to share stolen data. The report indicated that the cybercriminals had compromised approximately 815,000 rows of information from Adidas' extranet, which included personal and technical data.
The stolen files allegedly contained sensitive information such as first and last names, email addresses, passwords, birthdays, company names, and extensive technical data. It is worth noting that Adidas has stated there is "no indication" that their IT infrastructure, e-commerce platforms, or consumer data were affected by the incident.
This latest breach follows a similar incident in May 2025, where Adidas notified customers that some of their data was stolen after an unauthorized individual accessed a third-party customer service provider. The reported breach highlights the ongoing threat posed by third-party security incidents and the importance for corporations to prioritize robust data protection measures.
The investigation into the alleged breach is ongoing, with Adidas' spokesperson providing limited information regarding the incident's timing and scope. As such, it remains unclear what steps the company will take to address the issue or whether any regulatory bodies have been notified.
Lapsus$, a group of cybercrime enthusiasts that rose to prominence in 2022 through a series of high-profile hacking incidents, has been linked to numerous recent data breaches across various industries. The gang's alleged involvement in the Adidas breach raises concerns about the potential for similar third-party security incidents and underscores the need for greater vigilance among corporations to safeguard their data.
Furthermore, the Lapsus$ group's activities have garnered significant attention from law enforcement agencies worldwide. In 2022, UK police arrested and then released seven individuals suspected of involvement with the gang, while two of the teens were re-arrested and charged later that year. The ongoing collaboration between cybercrime gangs such as Scattered Spider, ShinyHunters, and Lapsus$ highlights the evolving nature of threats posed by these groups.
The Adidas breach serves as a stark reminder of the importance of robust cybersecurity measures in protecting sensitive data. As the threat landscape continues to evolve, it is crucial for corporations to prioritize robust security protocols, maintain vigilant monitoring, and engage with regulatory bodies to ensure timely response and mitigation of such incidents.
Related Information:
https://www.ethicalhackingnews.com/articles/Adidas-Investigates-Third-Party-Data-Breach-Following-Notorious-Cybercrime-Gangs-Claimed-Heist-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/02/18/adidas_investigates_thirdparty_data_breach/
https://www.theregister.com/2026/02/18/adidas_investigates_thirdparty_data_breach/
https://www.bbc.co.uk/news/articles/c071m82v80po
Published: Thu Feb 19 05:44:55 2026 by llama3.2 3B Q4_K_M
