JD Sports Says 10 Million Customers Hit By Cyber-Attack

1 Feb 2023

JD Sports have said information that “may have been accessed” by hackers included names, addresses, emails, phone numbers, order details and the final four digits of bank cards. Customers who have placed orders between November 2018 and October 2020 may have been affected. JD’s brands, including Size?, Millets, Blacks, Scotts, and MilletSport, are reported to have been affected by the cyber-attack.

“We want to apologise to those customers who may have been affected by this incident. Protecting the data of our customers is an absolute priority for JD. Affected customers are being advised to be vigilant about potential scam e-mails, calls and texts.”

Neil Greenhalgh, Chief Financial Officer – JD Sports

JD have said that they are working with cyber experts in order to respond to the incident. The company are yet to release a statement on social media, but they have contacted their affected customers by email.

Due to their large customer databases, it seems that retail industries are a common target to cyber criminals.

“The increased use of technology by the industry “to reduce overheads and streamline operations has raised the risk even further.”

“In this new world, it’s not ‘if’ but ‘when’ a cyber-attack will happen.”

Lauren Wills-Dixon, Solicitor & Data Privacy Expert – Gordons Law Firm

This is not the only cyber incident that has affected UK businesses in the past few weeks. Last month, Royal Mail were a victim of a ransomware attack. It has also been reported that the Guardian were a suspected target of cyber crimes too, just before the New Year. To learn more about the recent Royal Mail cyber-attack, please read our recent bulletin here.

The investigation is currently ongoing.