Adidas is looking into a new alleged data breach linked to one of its third party partners, after criminals claimed to have stolen hundreds of thousands of brand related records. Early statements stress that the incident appears to involve an independent licensing and distribution company, rather than Adidas’ main global IT infrastructure.
New Alleged Breach
According to security reports, someone claiming affiliation with the Lapsus$ Group posted on a hacking forum that they had compromised an Adidas extranet and accessed around 815,000 rows of data. The dataset is described as including names, email addresses, passwords, birthdays, company information, and some technical details, which raises concerns about both identity exposure and broader access paths into corporate systems.
In response, Adidas has confirmed it is investigating a ‘potential data protection incident’ at an independent licensing partner and martial arts products distributor that operates on separate IT systems from the core brand environment. The company has not yet validated the attackers’ claims about the size or exact content of the leak and says it is working with the partner to determine the scope and next steps.
How is This From 2025
This investigation follows a separate 2025 incident, when Adidas disclosed that attackers accessed customer contact data via a third party customer service provider. In that earlier breach, the company said the exposed information was limited to contact details and did not include passwords, card data, or payment information.
By contrast, the new 2026 claims center on an extranet and partner environment and allegedly involve login credentials and technical data, which could have different implications for both internal security and affected partners if they are confirmed. The recurring theme is third party risk: external vendors and licensees continue to be weak points even when a brand’s own systems apply stricter controls.
Third Party Risk and Brand Impact
For Adidas, the situation highlights how managing security now extends well beyond headquarters and core ecommerce platforms into a wider global ecosystem of licensees, distributors, and service providers. Any confirmed leak of names, emails, or passwords can undermine trust, trigger notification requirements, and force brands to dedicate resources to remediation and monitoring in multiple markets.
As the investigation continues, key questions will be how quickly Adidas and its partner can verify the claims, what categories of data were actually exposed, and what additional safeguards will be put in place across the wider licensing network.
Author Profile
Latest entries
RetailFebruary 20, 2026Loewe Perfumes Expands in Korea With World’s First Standalone Fragrance Flagship- FashionFebruary 20, 2026Adidas x Audi Revolut F1 Team Launch Their First Ever Apparel and Merch Collection
BusinessFebruary 20, 2026Klay Thompson Signs Lifetime Sneaker Deal With ANTA After 10 Million KT Sneakers Sold- BusinessFebruary 20, 2026Juicy Couture Drops Y2K Inspired Car Couture Collection Across Australia and New Zealand
