Streetwear retailer JD Sports said it was hit by a cyberattack that could have affected up to 10 million online customers.
The attack is said to have taken place in recent days, but the information that hackers could have accessed dates back more than two years. It includes records of online transactions between November 2018 and October 2020.
Names, addresses, emails, phone numbers, order details and the last four digits of credit cards may have been stolen, according to the company. Affected customers are notified. The company advises customers to be on guard against identity theft and spam.
The JD Group brands affected are JD Sports, Size?, Millets, Blacks, Scotts and MilletSport.
Neil Greenhalgh, Chief Financial Officer of JD Sports, said: “We would like to apologize to customers who may have been affected by this incident. report them.
“We are continuing a full review of our cybersecurity in partnership with external specialists following this incident. Protecting our customers’ data is a top priority for JD.”
In a press release, the company said:
“We have taken the immediate steps necessary to investigate and respond to the incident, including working with leading cybersecurity experts. We are engaging with relevant authorities, including the UK’s Information Commissioner’s Office (ICO). -Uni, if necessary.
“We are proactively reaching out to affected customers to advise them to be vigilant of the risk of fraud and phishing attacks. This includes being on the lookout for any suspicious or unusual communications purporting to be from JD Sports or of one of our brands.”
We have contacted JD Group for comment.