A cyber attack that targeted JD Sports Fashion Plc (“JD Sports”) led to unauthorized access to a system that held customer information for some online orders done between November 2018 and October 2020.
The JD, Size?, Millets, Blacks, Scotts, and MilletSport brands of the JD Sports group are impacted.
The retailer said it was getting in touch with affected customers and alerting them to potential scams after notifying the Information Commissioner’s Office about the security incident.
JD Sports Server Hacked 10 Million Data Stolen
According to the JD Sports report, “The affected data is limited. JD Sports does not hold full payment card data and, further, has no reason to believe that account passwords were accessed”.
Further, the report says about 10 million distinct customers’ names, billing and delivery addresses, email and phone numbers, order information, and the last four digits of their payment cards are among the data that may have been accessed.
JD Sports stated that it had taken the “necessary immediate steps” to look into the incident and respond to it, including working with cybersecurity experts.
It also advised customers to be on the lookout for any suspicious or unusual communications purporting to be from JD Sports or any of our group brands as well as to be aware of potential fraud and phishing attacks.
“We want to apologize to those customers who may have been affected by this incident,” said Neil Greenhalgh, the JD Sports chief financial officer.
“We are advising them to be vigilant about potential scam emails, calls, and texts and providing details on how to report these.”
Finally, Greenhalgh stated that the company is continuing with a full review of its cybersecurity and that “protecting the data of our customers is an absolute priority.”
Network Security Checklist – Download Free E-Book