JD Sports falls victim to cyberattack as 10 million customers have personal data stolen
JD Sports has warned that around 10 million customers could have had their details stolen in a hack that hit the retailer.
The company said the payment card details were safe and it had no reason to believe the hackers had gained access to users’ passwords.
The hackers gained access to a system containing information on orders placed between November 2018 and October 2020 by JD Sports customers.
Cyberattack: hackers accessed a system containing information on orders placed between November 2018 and October 2020 by JD Sports customers
Addresses, phone numbers and email addresses were stolen, a JD spokesperson admitted. Brands impacted include JD, Size?, Millets, Blacks, Scotts and MilletSport.
The intruders could have had access to billing, shipping and email addresses, full names, phone numbers, details of orders placed and the last four digits of payment cards.
JD warned customers to be vigilant against any potential fraudsters who might use this information to target them and convince customers that the store is emailing or texting them.
The company said it would contact those whose data may have been stolen.
“We want to apologize to customers who may have been impacted by this incident,” Chief Financial Officer Neil Greenhalgh said.
A spokesperson for JD Sports said: “We are working with the relevant authorities, including the UK Information Commissioner’s Office if necessary.”
We are contacting affected customers to advise them to be vigilant against the risk of fraud and phishing attacks.