JD Sports isn't having a particularly good day, and neither do the sports retailer's customers.
The company said that personal data from 10 million customers "may have been accessed" by hackers, the BBC reported Monday. The data is related to online orders made between November 2018 and October 2020, from JD Sports' brands JD, Size?, Millets, Blacks, Scotts, and Millets Sport. It includes names, addresses, email accounts, phone numbers, order details, and the final four digits of bank cards.
iRobot Roomba Combo i3+ Self-Emptying Robot Vacuum and Mop—$329.99(List Price $599.99)
Samsung Galaxy Tab A9+ 10.9" 64GB Wi-Fi Tablet—$178.99(List Price $219.99)
Apple AirPods Pro 2nd Gen With MagSafe USB-C Charging Case—$199.00(List Price $249.00)
Eero 6 Dual-Band Mesh Wi-Fi 6 System (Router + 2 Extenders)—$149.99(List Price $199.99)
Apple Watch Series 9 (GPS, 41mm, Midnight, S/M, Sports Band)—$299.00(List Price $399.00)
The silver lining, according to JD Sports, is that hackers did not access full payment card details. The company also doesn't believe that account passwords were accessed by hackers.
"We want to apologise to those customers who may have been affected by this incident," said Neil Greenhalgh, chief financial officer of JD Sports. The company said it was contacting customers who may have been affected by the hack, telling them to "be vigilant about potential scam emails, calls and texts."
There's no word on why it took well over a year to discover the hack and make it public.
The UK's Royal Mail was recently hit by a ransomware cyberattack, with hackers threatening to publish stolen customer data online. And just days ago, some 35,000 PayPal users were hit by a cyberattack in which hackers accessed users names, postal addresses, and tax identification numbers, among other data.
TopicsCybersecurity