Adidas has confirmed the leakage of personal data from customers registered on the company’s US site. According to the company, an investigation has been underway since June 26 after an “unauthorized access” on the server, which has been able to steal full names, contact details and encrypted passwords.
“Adidas is committed to the privacy and security of its consumers’ personal data.” Adidas is immediately working to determine the scope of the problem and to alert consumers. police to investigate the problem, “he said.
On the case, security researcher James Lerud of Verodin pointed out the following:
“Adidas believes that no credit card or health information has been compromised.This combined with the fact that passwords are encrypted leads me to believe that Adidas is following the best practices” , said. “Companies should consider this as a warning that even if you follow best practices, violations can still happen. Security controls need to be continuously measured, evaluated and updated to stay ahead, following good static practice is not more sufficient “.
It is worth noting that Adidas’s position on the case is positive, especially if we recall Brazilian cases, when companies that had leaked data only admitted after pressure from authorities or, nevertheless, continue with a position that does not seek to improve security for their users.
Adidas said it will contact all users registered on the company’s North American site.