Key Takeaways
- Nike and Under Armour are the latest high-profile targets of ransomware gangs, with both companies being pressured for ransom payments.
- The malware used in the attacks prevents companies from accessing their data until payment is made to restore access.
- The extent of the data accessed at Nike is unknown, but it may include customer information such as name, gender, email address, and birthdate.
- Under Armour’s data breach reportedly occurred in November, with a ransomware gang claiming responsibility and posting customer information on a hacker forum.
- The sportswear industry has been a target for cyber attacks in the past, with companies such as Adidas and The North Face being affected.
Introduction to the Cyber Attacks
Nike and Under Armour appear to be the latest high-profile targets for cyber attacks. Ransomware gangs have been posting who their latest victims are to pressure them for ransom payments, and both Nike Inc. and Under Armour Inc. are on the list. The malware that is used prevents companies from accessing their data until payment is made to restore access. Strong-arm tactics are used to scare victim companies into meeting payment demands. This type of attack is becoming increasingly common, with hackers using ransomware to extort money from companies by threatening to release sensitive data if their demands are not met.
The Extent of the Data Breach at Nike
The extent of the data supposedly accessed at Nike isn’t known. Generally, the data files include, at a bare minimum, customer information, such as name, gender, email address, and birthdate. In Nike’s case, it reportedly has a countdown clock set for 6 p.m. Saturday when the alleged stolen data will be released to the public if payment isn’t made. The ransomware group claiming responsibility for the breach is WorldLeaks. Nike has stated that they are taking the situation seriously and are investigating the potential cyber security incident. “We always take consumer privacy and data security very seriously. We are investigating a potential cyber security incident and are actively assessing the situation,” Nike told Footwear News.
The Data Breach at Under Armour
At Under Armour, the data breach reportedly occurred in November, with ransomware gang Everest claiming responsibility. The shoe and apparel firm is in the midst of conducting a full investigation. A source familiar with the Under Armour probe disputed reports that 72 million email addresses were obtained. This individual noted that the investigation indicates that a “fraction” of that number were compromised. Word of the breach surfaced when certain information of customers were posted on a hacker forum. Under Armour has stated that they are aware of the claims and are investigating the issue with the assistance of external cybersecurity experts. “We are aware of claims that an unauthorized third party obtained certain data. Our investigation of this issue with the assistance of external cybersecurity experts is ongoing. Importantly, at this time, we have no evidence to suggest this issue has affected UA.com or systems used to process payments or store customer passwords,” Under Armour said.
Previous Cyber Attacks in the Sportswear Industry
The sportswear industry has been a target for cyber attacks in the past. Last year, Adidas in April confirmed that an “unauthorized external party obtained certain consumer data through a third-party customer service provider.” The German sportswear brand emphasized that the affected data did not contain “passwords, credit card or any other payment-related information” The information that was accessed centered on contact information of consumers who had reached out to the brand’s customer service help desk. One month later, The North Face was the victim of a cyber attack that relied on “credential stuffing” in an attempt to gain access to customer log-in accounts. The outdoor brand said credit card data remained safe because that information is not stored on its site.
Global Cyber Attacks in the Fashion Industry
Hackers have been targeting fashion firms overseas too, with last year’s targets including Dior, Harrods, Kering, and Marks & Spencer. The fashion industry has become a prime target for cyber attacks, with hackers seeking to gain access to sensitive customer data and extort money from companies. The use of ransomware has become a popular tactic, with hackers using it to lock companies out of their data and demand payment in exchange for the decryption key. As the sportswear industry continues to grow and become more digital, it is likely that cyber attacks will become more common, making it essential for companies to prioritize cybersecurity and protect their customers’ data.
Conclusion
In conclusion, the cyber attacks on Nike and Under Armour are a reminder of the importance of cybersecurity in the sportswear industry. The use of ransomware to extort money from companies is a growing concern, and companies must take steps to protect their data and prevent such attacks. By prioritizing cybersecurity and investing in robust security measures, companies can reduce the risk of a cyber attack and protect their customers’ sensitive information. As the sportswear industry continues to evolve and become more digital, it is essential that companies stay ahead of the threat and take proactive measures to prevent cyber attacks.
