FlagThis - #customers

Adidas has confirmed a data breach impacting customer data via a third-party customer service provider. According to Adidas, the compromised data primarily consists of contact information of customers who had previously contacted their customer service help desk. The company assures that sensitive information like passwords, credit card, or any other payment-related information were not affected in the incident.

Adidas became aware that an unauthorized external party obtained certain consumer data through a third-party customer service provider. Adidas has immediately taken steps to contain the incident and launched a comprehensive investigation, collaborating with leading information security experts. The company is currently notifying affected customers and is cooperating with data protection authorities and investigators as required by law.

This breach marks the third publicly acknowledged incident involving the sportswear giant’s customer service systems recently. The company is working to clarify the situation, reinforcing the importance of securing third-party providers to prevent them from becoming a gateway for attackers to access target systems. Adidas expressed that they remain fully committed to protecting the privacy and security of their consumers and sincerely regret any inconvenience or concern caused by this incident.


References :

• cyberinsider.com: Adidas Hit by Third Customer Data Breach Linked to Support Systems
• The Register - Security: Adidas confirms criminals stole data from customer service provider
• The420.in: Adidas Falls Victim to Cyberattack Amid Retail Industry Wave
• BleepingComputer: Adidas warns of data breach after customer service provider hack
• www.it-daily.net: Data leak at Adidas: contact data tapped via third-party providers
• bsky.app: German sportswear giant Adidas disclosed a data breach after attackers hacked a customer service provider and stole some customers' data.
• Graham Cluley: Adidas customers’ personal information at risk after data breach
• hackread.com: Adidas Confirms Cyber Attack, Customer Data Stolen
• hackread.com: Adidas Confirms Cyber Attack, Customer Data Stolen
• www.bleepingcomputer.com: Adidas warns of data breach after customer service provider hack
• Graham Cluley: Adidas customers' personal information at risk after third-party data breach.
• bsky.app: Adidas customers' personal information at risk after third-party data breach.
• techinformed.com: Adidas becomes latest consumer brand to be hit with a cyber breach
• www.techradar.com: Adidas confirms customer data stolen in worrying cyberattack
• www.techdigest.tv: Adidas customer data stolen in latest retail cyber attack
• PCMag UK security: Adidas Confirms Data Breach, Customer Contact Details Exposed
• Rescana: April 2025 Adidas Data Breach: Supply Chain Attack via Third-Party Customer Service Provider
• ComputerWeekly.com: Adidas confirms customer data was accessed during cyber attack

Classification:

• HashTags: #DataBreach #Adidas #CyberSecurity
• Company: Adidas
• Target: Adidas Customers
• Product: Customer Data
• Feature: Data theft
• Type: DataBreach
• Severity: Medium

A China-based eCrime group known as the Smishing Triad has expanded its operations, targeting users across more than 121 countries with sophisticated SMS phishing campaigns. Originally focused on impersonating toll road operators and shipping companies, the group has now pivoted to directly target customers of international financial institutions. This expansion is accompanied by a dramatic increase in their cybercrime infrastructure and support staff, signaling a significant escalation in their activities. The group's operations span a diverse range of industries, including postal, logistics, telecommunications, transportation, finance, retail, and public sectors.

The Smishing Triad's infrastructure is vast, utilizing over 8,800 unique IP addresses and stretching across more than 200 Autonomous System Numbers (ASNs). Recent data from server logs analyzed by Silent Push reveal that the group's infrastructure has been highly active, with over one million page visits logged in just 20 days. This suggests that the actual number of SMS phishing messages sent may be significantly higher than the previously estimated 100,000 per day. A large portion of the group's phishing sites are hosted by major Chinese companies, Tencent and Alibaba, indicating a strong connection to Chinese cyberspace.

The group's latest tactic involves the introduction of the "Lighthouse" phishing kit, unveiled on a Telegram channel by the developer identified as Wang Duo Yu. This kit targets numerous financial institutions, particularly in Australia and the broader Asia-Pacific region, as well as major Western financial institutions like PayPal, Mastercard, and HSBC. The Lighthouse kit boasts advanced features such as one-click setup, real-time synchronization, and mechanisms to bypass multiple layers of security like OTP, PIN, and 3DS verification, making it a formidable tool for stealing banking credentials. Smishing Triad boasts it has “300+ front desk staff worldwide” supporting the Lighthouse kit, and continues to sell its phishing kits to other threat actors via Telegram.


References :

• krebsonsecurity.com: China-based SMS Phishing Triad Pivots to Banks - Krebs on Security
• www.silentpush.com: Silent Push blog on Smishing Triad: Chinese eCrime Group Targets 121+ Countries, Intros New Banking Phishing Kit
• gbhackers.com: GBHackers article on Smishing Triad
• Cyber Security News: CyberPress report on Chinese eCrime Group Launches Global Attack to Steal Banking Credentials from Users in 120+ Countries
• securityonline.info: Smishing Triad: eCrime Group Targets 121+ Countries with Advanced Smishing
• Security Latest: Smishing Triad: The Scam Group Stealing the World’s Riches

Classification:

• HashTags: #Smishing #Phishing #eCrime
• Company: Apple, Google
• Target: Customers
• Attacker: Smishing Triad
• Product: SMS
• Feature: SMS Phishing
• Malware: Lighthouse
• Type: Phishing
• Severity: Medium