Adidas US breach may have exposed millions of customers' personal info • The Register Forums

Friday 29th June 2018 11:36 GMT Anonymous Coward

A US Breach

Keen to point out this excludes them from a GDPR mauling

Friday 29th June 2018 14:26 GMT Phalanx

Re: A US Breach

It doesn't if EU individuals' data has been breached.

8 1 Reply
Friday 29th June 2018 17:41 GMT Tom Paine

Re: A US Breach

Er, no it doesn't. Not if there are EU residents' PII in those databases. (Note: _residents_, not citizens. An American citizen with a US passport working in the UK is covered by GDPR. IANAL, if you get your advice from commentards you deserve anything you get, but that's my understanding anyway... )

6 1 Reply

Friday 29th June 2018 12:29 GMT Blockchain commentard

Why did they store email addresses/passwords in one place and useful info like credit cards in (presumably) another database? Haven't they heard of normalisation?

1 4 Reply

Friday 29th June 2018 16:25 GMT Doctor Syntax

"Why did they store email addresses/passwords in one place and useful info like credit cards in (presumably) another database?"

Because they're keeping the most sensitive stuff separate. Normalisation is one thing, security is another.

5 0 Reply
Friday 29th June 2018 17:46 GMT Anonymous Coward

> Haven't they heard of normalisation?

Have you heard of PCI DSS?

4 0 Reply
Friday 29th June 2018 18:03 GMT a_yank_lurker

"Why did they store email addresses/passwords in one place and useful info like credit cards in (presumably) another database? Haven't they heard of normalisation?"

Normalization is database design paradigm. Also, they may have normalized the database and split the data into separate tables for security purposes. Normalization does not mean all the data that is common to an entity must be in the same table; it just means that data is not duplicated between tables. So splitting the data up for an entity between different tables may be done for a variety of reasons including security.

6 0 Reply
Saturday 30th June 2018 05:14 GMT Anonymous Coward

One reason to do denormalization is speed. If many/most of my reports do not require the credit card fields, you don't' drag them into memory. The security aspect is also there, especially if you have those fields encrypted to begin with and you should damned well have them encrypted even to the dBA's and dBE's.

1 0 Reply

Friday 29th June 2018 13:18 GMT Anonymous Coward

Fab sub-head, ElReg

Better than the alternative "Come quietly, you've been Niked"

1 0 Reply

Friday 29th June 2018 14:29 GMT scrubber

Shoe sizes available online

Should make the Prince's search from Cinderella quite a bit easier.

5 0 Reply

Friday 29th June 2018 14:52 GMT Jay Lenovo

Running joke

They should have secured that data in a "Footlocker"

1 0 Reply

Friday 29th June 2018 15:50 GMT Will Godfrey

News?

At this rate it will be news when we go an entire month without a breach being reported.

7 0 Reply

Friday 29th June 2018 16:27 GMT Doctor Syntax

Re: News?

"At this rate it will be news when we go an entire month without a breach being reported."

When there are so few left intact that it's not worth the effort of going after them.

3 0 Reply
Thursday 5th July 2018 12:33 GMT Anonymous Coward

Re: News?

month....? maybe a week?

0 0 Reply

Friday 29th June 2018 18:46 GMT spold

ADIDAS...

All Day I Dream About Security

6 0 Reply

Friday 29th June 2018 18:51 GMT Ken Moorhouse

They didn't realise that the internet...

...cannot be connected to their sneakernet.

4 0 Reply

Friday 29th June 2018 23:33 GMT MachDiamond

eTailers

So, tell me again how shopping online is so much better than visiting a store and paying in cash.

2 0 Reply

Saturday 30th June 2018 05:17 GMT Anonymous Coward

Re: eTailers

In my case, housebound as I am, online shopping is worth the hassles. There's even more time, money, and aggravation just trying to get to one store during the month let alone all the others.

0 0 Reply
Saturday 30th June 2018 05:51 GMT Ken Moorhouse

Re: So, tell me again...

Depends on whose credit card you're using...

2 0 Reply

Saturday 30th June 2018 20:42 GMT Stoneshop

The company has notified law enforcement and brought in experts

Gumshoes among them?

0 0 Reply

Sunday 1st July 2018 02:34 GMT Anonymous Coward

At least...

...it hasn't sparked the war on pronunciation.

A-dee-das

Versus

Ad-ee-das

1 0 Reply

Monday 2nd July 2018 09:19 GMT Aqua Marina

Re: At least...

Ad-i-das

Where the i sounds as it does in “is”

At lease it was at my school. And Nike was pronounced like “Mike”, none of this Nik-ee rubbish.

0 0 Reply
1. Thursday 5th July 2018 12:38 GMT Anonymous Coward
  
  Re: At least...
  
  Adidas is named after Adi Dassler, the founder. Adi, Not Adee
  
  Nike is named after the goddess of victory, and is pronounced Ni-key
  
  I'll get my coat.
  
  0 0 Reply

Monday 2nd July 2018 04:33 GMT Anonymous Coward

I have a feeling...

that when companies say that breached passwords were encrypted they mean:

cGFzc3dvcmQ=

0 0 Reply

Monday 2nd July 2018 08:37 GMT Anonymous Coward

In my experience...

This will lead to massive spam from companies who buy this stolen data in addition to possible new fraudulent credit card accts. being opened and many more headaches. Companies who are negligent in protecting customer data should be held accountable both financially and criminally. You can bet if CEOs get sent to prison for 5+ years for their negligence, security will be taken much more seriously.

1 0 Reply

Topics

Special Features

Vendor Voice

Resources

COMMENTS

A US Breach

Re: A US Breach

Re: A US Breach

Fab sub-head, ElReg

Shoe sizes available online

Running joke

News?

Re: News?

Re: News?

ADIDAS...

They didn't realise that the internet...

eTailers

Re: eTailers

Re: So, tell me again...

The company has notified law enforcement and brought in experts

At least...

Re: At least...

Re: At least...

I have a feeling...

In my experience...

POST COMMENT House rules

Enter your comment

Add an icon

Other stories you might like

Pandabuy confirms crooks nabbed data on 1.3M punters

US House approves FISA renewal – warrantless surveillance and all

Global taxi software vendor exposes details of nearly 300K across UK and Ireland

SharePoint logs are easily circumvented and Microsoft is dragging its heels

Puppies, kittens, data at risk after 'cyber incident' at veterinary giant

Ransomware gang did steal residents' confidential data, UK city council admits

OWASP server blunder exposes decade of resumes

Nearly 3M people hit in Harvard Pilgrim healthcare data theft

AT&T admits massive 70M+ mid-March customer data dump is real though old

Street newspaper appears to have Big Issue with Qilin ransomware gang

Microsoft confirms memory leak in March Windows Server security update

Yacht dealer to the stars attacked by Rhysida ransomware gang

About Us

Our Websites

Your Privacy