An investigation by the German sportswear giant has found that compromised information could include contact data and usernames as well as encrypted passwords.
Cyber criminals targeted the American version of the Adidas website specifically, although the site also processes orders from across the world.
In a statement, the firm said: “Adidas today announced that it is alerting certain consumers who purchased on adidas.com/US about a potential data security incident.
“On June 26, Adidas became aware that an unauthorised party claims to have acquired limited data associated with certain consumers. Adidas is committed to the privacy and security of its consumers' personal data. Adidas immediately began taking steps to determine the scope of the issue and to alert relevant consumers."
The company added that it is working with "leading data security firms and law enforcement authorities" to investigate the issue and insisted that it did not believe any credit card details or fitness information from fans was stolen.
Adidas said: “According to the preliminary investigation, the limited data includes contact information, usernames and encrypted passwords. Adidas has no reason to believe that any credit card or fitness information of those consumers was impacted. While we continue our thorough forensic review, Adidas is alerting relevant consumers.”