Categories: CyberCrimeSecurity

JD Sports Cyber-Attack Affects Data Of 10 Million Customers

Retail group JD Sports said personal information on some 10 million of its customers may have been accessed as the result of a cyber-attack.

The company said the breach affected some online orders placed by customers between November 2018 and October 2020 from its JD, Size?, Millets, Blacks, Scotts and Millets Sport brands.

The company said it has notified the Information Commissioner’s Office and is contacting affected customers.

JD Sports chief financial officer Neil Greenhalgh said the apologised to affected customers.

‘Be vigilant’

“We are advising them to be vigilant about potential scam emails, calls and texts and providing details on how to report these,” he said.

The data that may have been accessed by hackers includes names, billing and delivery addresses, phone numbers, order details and the final four digits of payment cards for “approximately 10 million unique customers”.

But JD Sports said the data affected was “limited” as it does not hold full payment data. It said it had “no reason to believe” that account passwords were accessed.

The firm said it was taking the “necessary immediate steps” to investigate and respond in collaboration with cybersecurity experts.

Fraud risk

It warned users to be aware of potential fraud and phishing attacks and to “be on the lookout for any suspicious or unusual communications purporting to be from JD Sports or any of our group brands”.

“We are continuing with a full review of our cybersecurity in partnership with external specialists following this incident,” Greenhalgh said. “Protecting the data of our customers is an absolute priority for JD.”

The attack follows a ransomware attack on Royal Mail earlier this month that left it unable to process international parcel and letter deliveries.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Amazon Boss Denies Return To Office Mandate Is ‘Backdoor Layoff’

CEO Andy Jassy tells Amazon staff that the recent 5-day in-office mandate is not meant…

15 hours ago

Apple Set To Be Fined Under EU’s Tough DMA – Report

Tech giant Apple could be facing another hefty financial penalty, amid a report the EU…

16 hours ago

Serco Tracking Devices On Prison Vans Disabled After Cyberattack

Worrying development. Cyberattack on third party supplier disables tracking systems and panic alarms in Serco…

18 hours ago

UK Orders Chinese Entity To Sell Stake In Scottish Chip Firm FTDI

Chinese owner of Scottish fabless semiconductor firm FTDI ordered to sell majority stake, due to…

21 hours ago

Watchdog Says Vodafone, Three Merger Could Proceed With Certain Remedies

British competition regulator provisionally finds Vodafone, CMA merger can proceed, if 'remedies' on pricing and…

22 hours ago