>
JD Sports falls victim to a cyber-attack as personal data of 10 million customers has been stolen
JD Sports has warned that about 10 million customers’ data may have been stolen in a hack that hit the retailer.
The company said the payment card details were secure and it has no reason to believe that the hackers gained access to users’ passwords.
Hackers accessed a system that contained information about orders placed by JD Sports customers between November 2018 and October 2020.
Cyberattack: Hackers accessed a system containing information about orders placed between November 2018 and October 2020 by JD Sports customers
Addresses, phone numbers and email addresses have been stolen, a JD spokesman admitted. The affected brands include JD, Size?, Millets, Blacks, Scotts and MilletSport.
The intruders could have accessed billing, delivery and email addresses, full names, phone numbers, details of orders placed and the last four digits of payment cards.
JD warned customers to be vigilant about potential fraudsters who could use this information to target them and convince the customers that the store is emailing or texting them.
The company said it would contact those whose data may have been stolen.
“We would like to apologize to the customers who may have been affected by this incident,” said CFO Neil Greenhalgh.
A spokesman for JD Sports said: ‘We are in discussions with the relevant authorities, including the UK Information Commissioner’s Office if necessary.
We are contacting affected customers so that we can advise them to be vigilant about the risk of fraud and phishing attacks.”