JD Sports cyber attack puts 10m customers’ data at risk

jd sports hack 10 million customers
jd sports hack 10 million customers

Ten million people risk having their phone numbers and email addresses stolen by criminals after JD Sports was hit by a cyber attack.

JD Sports warned that customers who had bought items on its website, as well as Size?, Blacks and Millets, between November 2018 and October 2020 may have been affected.

The retailer said customers must be vigilant over potential scam emails, calls and texts in the wake of the attack, and that it was proactively contacting those whose details had been stolen.

It does not believe passwords have been accessed and it does not hold full payment card data, although it said that the hackers could have gained access to the final four digits' of customers' payment cards.

JD Sports chief financial officer Neil Greenhalgh apologised to customers affected by the incident.

He said: "We are continuing with a full review of our cyber security in partnership with external specialists following this incident.

"Protecting the data of our customers is an absolute priority for JD."

It is the latest company to be hit by a cyber attack, with Royal Mail only last week restarting international deliveries following what was said to have been a ransomware attack. Last month, the Guardian was hit by a ransomware attack, which forced staff to work from home during the disruption.

The cyberattack is a blow for JD Sports, which has shrugged off cost of living pressures and earlier this month said it had recorded its best week ever over Christmas.

JD Sports is expecting profits to top £1bn for the first time this year. In its latest financial year, which ended January 28, it said profits would be at the top end of a range of analyst forecasts, which had been at around £985m.

The company recently experienced a change at the helm, with Peter Cowgill stepping back from the company in a shock move after 18 years in charge.

JD Sports had said it was overhauling its culture after an internal review which found its "internal infrastructure, governance and controls have not developed at the same pace”.