TD Bank and BMO on Bay Street, Toronto, location of CanDeal HQCanadian fixed income trading platform CanDeal is launching a vendor due diligence service that will initially serve the six largest domestic banks, but could be expanded globally in the future.The new utility, built to service BMO, CIBC, National Bank of Canada, RBC, Scotiabank and TD Bank, aims to streamline third-party risk management and regulatory compliance. Jayson Horner, chief executive ...

Core Insights - Adidas has experienced a cybersecurity breach through a third-party customer service provider, exposing customer contact information but not payment or password data [1][2] - This incident reflects a broader trend where hackers target vendors to bypass stronger defenses of major brands [1][4] Company Summary - The breach involved the exposure of names, email addresses, and phone numbers of customers who contacted support, raising concerns about potential phishing and social engineering risks [2] - Adidas has a history of data security incidents, including a significant breach in 2018 affecting millions of U.S. customers, and similar incidents in Turkey and South Korea [3] Industry Summary - Cybercriminals are increasingly targeting third-party vendors due to their weaker security measures, with 30% of breaches in the previous year involving external service providers according to Verizon's 2025 Data Breach Investigations Report [4] - The Adidas breach serves as a warning for the retail sector, emphasizing the need for companies to prioritize third-party risk management as a critical aspect of their security strategy [5] Best Practices for Mitigating Third-Party Risk - Companies are encouraged to adopt a zero trust approach, treating every vendor as a potential risk and limiting data access to what is strictly necessary [7] - Regular incident simulations and continuous vendor assessments are recommended to enhance security measures and response plans [7] - Transparency and security metrics should be demanded from vendors, and executive performance should be tied to improvements in third-party risk management [7]