German sportswear company Adidas on Thursday revealed that it launched an investigation after learning of a potential data breach that could impact millions of its U.S. customers.
In a notice posted on its website, Adidas said an unauthorized party claimed to have gained access to customer information. The company learned of the possible breach on June 26 and called in cybersecurity experts and law enforcement to assist in the investigation.
The unauthorized party may have obtained usernames, password hashes and contact information – which the company describes as “limited data” – of individuals who made purchases on Adidas’ US website, adidas.com/US.
Adidas says there is no evidence that credit card or fitness information has been compromised.
Adidas told some media outlets that the incident could impact “a few million” customers, but its statement suggests that not all customers in the United States are affected.
“While adidas continues its thorough forensic review, adidas is alerting relevant consumers,” the company stated.