Categories: CyberCrimeSecurity

JD Sports Cyber-Attack Affects Data Of 10 Million Customers

Retail group JD Sports said personal information on some 10 million of its customers may have been accessed as the result of a cyber-attack.

The company said the breach affected some online orders placed by customers between November 2018 and October 2020 from its JD, Size?, Millets, Blacks, Scotts and Millets Sport brands.

The company said it has notified the Information Commissioner’s Office and is contacting affected customers.

JD Sports chief financial officer Neil Greenhalgh said the apologised to affected customers.

‘Be vigilant’

“We are advising them to be vigilant about potential scam emails, calls and texts and providing details on how to report these,” he said.

The data that may have been accessed by hackers includes names, billing and delivery addresses, phone numbers, order details and the final four digits of payment cards for “approximately 10 million unique customers”.

But JD Sports said the data affected was “limited” as it does not hold full payment data. It said it had “no reason to believe” that account passwords were accessed.

The firm said it was taking the “necessary immediate steps” to investigate and respond in collaboration with cybersecurity experts.

Fraud risk

It warned users to be aware of potential fraud and phishing attacks and to “be on the lookout for any suspicious or unusual communications purporting to be from JD Sports or any of our group brands”.

“We are continuing with a full review of our cybersecurity in partnership with external specialists following this incident,” Greenhalgh said. “Protecting the data of our customers is an absolute priority for JD.”

The attack follows a ransomware attack on Royal Mail earlier this month that left it unable to process international parcel and letter deliveries.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

4 hours ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

4 hours ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

5 hours ago

Foldable Shipments Slow In China Amidst Global Growth Pains

Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…

5 hours ago

Google Proposes Remedies After Antitrust Defeat

Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal

6 hours ago

Sega Considers Starting Own Game Subscription Service

Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…

6 hours ago