UK-based sportswear chain JD Sports has confirmed that it has suffered a cyber attack, which may have compromised the personal information of 10 million customers.
The data that “may have been accessed” by the hackers includes names, addresses, email accounts, phone numbers, order details, and the final four digits of bank cards.
The company stated that the affected data was related to online orders made between November 2018 and October 2020, and that it did not hold full payment card details or believe that account passwords were accessed by the hackers.
JD Sports has been working with cyber security experts and is engaging with the UK’s Information Commissioner’s Office (ICO) in response to the incident. Affected customers are being advised to be vigilant against potential scam emails, calls, and texts. The company’s apology was made by its CFO, Neil Greenhalgh, who said that protecting customer data was an “absolute priority” for JD.
The increased use of technology by retailers has heightened the risk of cyber attacks, which are becoming increasingly common. Retailers hold large amounts of customer data and experts say that firms need to do more to plan for them.
The ICO confirmed that it was aware of the attack and was assessing information provided by JD Sports. Bridewell, a cyber security company, commented that it was seeing a rise in malicious software being used by criminals to steal information from companies.
Leave a Reply