From global sporting events to public sector organisations and major tech platforms, February’s incidents reinforce a consistent message: attackers are opportunistic, persistent and increasingly sophisticated. Read more in this February cybersecurity roundup.
According to reports, attackers alleged they obtained more than 800,000 rows of data, including names, email addresses and other details. Adidas stated there is currently no indication that its own IT infrastructure, e-commerce platforms or consumer data were affected, emphasising that the breach happened within a partner’s systems.
The incident follows a similar third-party security event last year, reinforcing the persistent risks to do with supplier ecosystems. Although this case seems limited to data exposure at a partner organisation, supply chain incidents can provide attackers with a pathway into core networks and customer environments.
As Ian Groves of Start Tech commented on LinkedIn:
“A supplier was [breached]. Adidas just get the headline.
815,000 rows of customer data gone from a third party they trusted.
Your supply chain is part of your attack surface.”
This case serves as a timely reminder that third-party risk management is not just a compliance exercise. Supplier due diligence, contractual security requirements, access controls and continuous monitoring are essential to lessening exposure across the wider system.
At the recent 2026 Winter Olympics, organisers in Milan and Cortina had to ramp up their cybersecurity measures due to warnings about large-scale sporting events remaining prime targets.
Security teams reportedly deployed AI-driven monitoring, stress-testing and incident simulations to combat disruptions. The focus was on maintaining service availability under pressure.
Newsletter platform Substack has disclosed a breach affecting user email addresses and phone numbers after unauthorised access to the system.
Although passwords were reportedly not compromised, exposed contact details can increase the risk of phishing and impersonation attacks, especially with Substack’s high-profile publisher and subscriber base.
This incident highlights the risks digital platforms face and the importance of limiting stored personal data, strengthening internal access controls and continuous monitoring for suspicious activity.
Investigations and support measures remain in place, and the breach has reinforced concerns around data governance, secure handling procedures and the human factor in cybersecurity incidents. It has been reported that the Department of Justice (DoJ) took instant action and removed the online public court list as a precautionary measure.
For public sector organisations especially, this event displays how procedural weaknesses, not just technical flaws, can result in significant operational and personal risk even years after the initial breach.
The campaign targets SMEs where simple, low-cost measures can significantly reduce exposure to everyday threats such as phishing and ransomware.
The initiative echoes growing concern around internet-facing assets that organisations may not realise are exposed. Proactively identifying and reducing digital footprint is becoming a central component of modern cyber resilience strategies.
Board-level engagement is improving, and adoption of baseline standards is increasing. However smaller organisations continue facing challenges in taking awareness into consistent, measurable controls.
Events such as the Winter Olympics demonstrate how large operations that depend on technology create wide attack surfaces and attract those seeking disruption, visibility and reputational damage.
Breaches involving police forces and government bodies emphasise how employee data and different internal systems can become valuable entry points.
Government campaigns and survey findings continue to show that actions such as multi-factor authentication, updates, backups and staff awareness significantly reduce exposure.
At Brigantia, we support channel partners in protecting their clients with our selected vendor portfolio, specialists and dedicated support. As regulatory expectations and threat tactics evolve, we help our partners strengthen their security plans in a way that works for them.
To read more articles like this, head to our news and articles page. To explore our cybersecurity vendors or discuss how we can support your security offering, visit our vendor page or get in touch with the Brigantia team.