You Can't Outrun Risk
Updated: Jan 12
Another week ends with a major corporation reporting a breach. Adidas has issued a statement, indicating that millions of customer records have been accessed by an unauthorized party. The silver lining in this case, if there is one, is that credit card data and 'fitness information' is not currently believed to be amongst the stolen information.
Three Stripes of Embarrassment
Surely Adidas will suffer some brand short-term damage as a result of the incident, but with the dramatic increase of such breaches it may end up one small voice in a large chorus of embarrassed singers. Before we run and jump to conclusions about how this happened, it is important to remember that breach is effectively inevitable. Given the incredibly complex nature of modern organizations, highly-motivated attackers can always find a way to obtain some level of unauthorized access. Risk avoidance, risk mitigation, and an incident response plan are our best tools to prepare for the day when (not "if") our number comes up.
Identity Theft Protection
An article by PCMag implies that "customers will be offered some form of Identity Theft protection for an extended period of time," although they give no reason why they believe this will be the case. While this hasn't become a standard practice yet, we have observed this increasingly provided to those affected, perhaps as part of a pre-emptive litigation avoidance strategy. Should this trend continue, the identity theft protection industry will be booming for years to come.