JD Sports Fashion Plc, a UK company, has been the latest victim of a cyber attack.
JD Sports informed the City that customer data from some online orders between November 2018 to October 2020 was accessed through a system. This affected its JD, Millets brands, Scotts, Blacks and Scotts brands.
Information that could have been accessed includes the name, billing address and delivery address as well as the email address, phone number, and order details for approximately 10 million customers.
JD is now actively contacting affected customers to warn them about the danger of fraud and phishing attacks. Be on the lookout for suspicious or unusual communications purporting from JD Sports, or any of our group brands.
JD Sports claims it doesn’t hold all payment card data. There is no reason to believe account passwords have been accessed.
The company works with “leading cyber security specialists” and is in contact with relevant authorities, such as the UK’s Information Commissioner’s Office.
Neil Greenhalgh is the chief financial officer at JD Sports.
“We apologize to all customers that may have been affected by the incident.
We advise them to be alert for potential scam calls, e-mails and texts. We also provide details on how to report such messages. After this incident, we are continuing to review our cyber security and work with external experts. JD places data security first.
Royal Mail was the victim of a ransomware operation by a criminal group in April, rendering it unable to send letters or parcels abroad. The Guardian, however, was subject to a ransomware assault in December.
