JD Sports has warned customers that bought items on its website, as well as those of Size?, Blacks and Millets, between November 2018 and October 2020 may have been impacted in the breach.
The company has urged customers to be wary of potential phishing emails, calls and texts in the aftermath of the breach, while claiming they were proactively contacting those whose details were confirmed to be stolen. Paul Bischoff, Consumer Privacy Advocate at Comparitech echoed this sentiment, warning that “customers of JD and its affiliated brands should be on the lookout for targeted phishing messages from JD or a related company. These emails will attempt to get victims to click on a link or malicious attachment. The links might go imitation login pages where victims are tricked into handing over their passwords or payment info. Never click on links or attachments in unsolicited messages!”
While it is not believed that passwords or full payment card data was exposed, JD Sports has admitted that cybercriminals may have gained access to the final four digits’ of customers’ payment cards.
Neil Greenhalgh, CFO at JD Sports, apologised to affected customers and confirmed that the company is working to mitigate damages.
“We are continuing with a full review of our cyber security in partnership with external specialists following this incident. Protecting the data of our customers is an absolute priority for JD,” he said.
A spokesperson for the Information Commissioner’s Office later confirmed it was working with the retailer to get to the bottom of the breach.
“We have been made aware of a cyber incident involvi ..
Support the originator by clicking the read the rest link below.
