Adidas US Site: A hole in a shoe was a hole in Cyber Security
It was just last 28th of June when the German based brand sporting supplies giant Adidas announced that there were unauthorized party that claims to have possessed limited data associated with certain Adidas consumers.
What are included in the data breach?
- contact information
- encrypted passwords
Where will the data go after the breach?
There is a high possibility that the breached data will be sold within the dark web marketplaces and/or sold to Clearnet sites that are associated with dark web. What has been stolen in the digital world cannot be absolutely erased.
Even after this incident the contact information can still be a valuable data for some industries which includes but not limited to marketing, white hat and black hat security. These mentioned industries will try to take advantage of the information whoever gets their hands on the valuable data which were breached.
What is terrifying is the black hat side of the security industry surely did get their hands on it and various divisions of the industry will take advantage of the information for illegal activities such as identity theft, phishing, spear phishing, phone phishing, doxing etc.
How the white hack side of the security industry can help secure the affected users is by planning and deploying anti-phishing mitigation strategies through phishing intelligence teams of different security organizations.
How Many Were Affected?
Adidas did not include in their statement on how many customer were affected, nor how and who were able to hack into their servers. Since we are talking about the US website of the Adidas brand, then it is possible within a few million were affected.
To anyone who has created an account within the US website or even outside that jurisdiction, it is advised to change your contact information and password ASAP. Also do try and ask for a replacement of your Credit/Debit card that you used to transact within the Adidas website. It is better to be safe than sorry.