JD Sports, a popular British fashion retailer, reportedly announced that may have potentially accessed the financial and personal data of 10 million customers in a cyber-attack.
The breach, which impacted some online orders placed by users between November 2018 and October 2020, affected purchases of products from JD, Size?, Blacks, Millets, Scotts, and Millets Sport.
The retailer stated that it was getting in touch with affected consumers as well as alerting them to suspected scams after notifying the Information Commissioner’s Office regarding the security incident.
It has been reported that JD Sports’ chief financial officer, Neil Greenhalgh, issued an apology to the users who might have been impacted by the breach. Moreover, he urged the customers to look out for potential scam calls, emails, and messages while also offering information on how to report them.
According to the company, about 10 million unique customers’ order information, names, phone numbers, billing, and delivery addresses, and the last four digits of their credit cards were among the data that hackers may have obtained.
JD Sports stated that the affected data is restricted as a result of the fact that it did not keep all payment information giving the company no reason to suspect that account credentials were accessed.
The retailer further assured that it had taken the required effective measures to look into the issue and respond to it, including teaming up with cybersecurity professionals. It also advised customers to look out for new or any unusual or suspicious communications purporting to come from JD Sports or any of the group brands as well as to be aware of possible fraud and phishing scams.
This month, Royal Mail disclosed that it had been the victim of a ransomware hit by a criminal gang, which threatened to post the data that had been hacked online and claimed that it was unable to handle international package and letter deliveries.