JD Sports customers at risk of fraud after cyber attack
We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info
Millions of JD Sports customers are being advised to watch out for scams after the fashion retailer was subject to a cyber attack.
Customer data, including names, email addresses and the final four digits of payment cards, was accessed in the incident.
They related to some online orders placed between November 2018 and October 2020. The affected JD Sports group brands are JD, Size?, Millets, Blacks, Scotts and MilletSport.
Now JD Sports, which has headquarters in Bury, Greater Manchester, has urged customers to look out for potential scam e-mails, calls and texts.
Neil Greenhalgh, chief financial officer of JD Sports, said: “We want to apologise to those customers who may have been affected by this incident. We are advising them to be vigilant about potential scam e-mails, calls and texts and providing details on how to report these.
“We are continuing with a full review of our cyber security in partnership with external specialists following this incident. Protecting the data of our customers is an absolute priority for JD.”
Are you affected by the cyber incident? Contact [email protected]
One woman, a photographer in London, tweeted: “Nice one @JDSports *only* my name, full address, email and phone number were leaked.”
JD Sports, which has more than 3,000 outlets across the UK, says the affected data is limited.
In a press release today, the company said: “JD Sports Fashion Plc (“JD Sports”) has been the target of a cyber incident which resulted in the unauthorised access to a system that contained customer data relating to some online orders placed between November 2018 and October 2020. The affected JD Sports group brands are JD, Size?, Millets, Blacks, Scotts and MilletSport.
“The affected data is limited. JD Sports does not hold full payment card data and, further, has no reason to believe that account passwords were accessed.
“The information that may have been accessed consists of the name, billing address, delivery address, email address, phone number, order details and the final four digits of payment cards of approximately 10 million unique customers.
“We have taken the necessary immediate steps to investigate and respond to the incident, including working with leading cyber security experts. We are engaging with the relevant authorities, including the
“We are proactively contacting affected customers so that we can advise them to be vigilant to the risk of fraud and phishing attacks. This includes being on the look-out for any suspicious or unusual communications purporting to be from JD Sports or any of our group brands.”
Source: Read Full Article