An alleged massive data leak affected fashion retailer's customers
02.02.2023Back to news
According to the official statement, JD Sports has probably experienced a data privacy incident. Allegedly, personal data and financial details belonging to approximately 10 million users has been illicitly obtained by intruders.
The incident affected online orders made by customers between November 2018 and October 2020.
The company’s representatives notified the Information Commissioner’s Office about the incident and reported that they got in touch with the affected parties and warned them about probable information security risks, such as phishing attempts and other fraud. It was also reported that the investigation was initiated.
The data, which was probably obtained by hackers included:
- Nilling and delivery addresses
- Phone numbers
- Order details
- The final four digits of payment cards
Nevertheless, the company officials claimed that, most probably, account passwords were not accessed and the intruders did not manage to “hold full payment data”.