JD Sports hacked? In a press release published on Monday January 30, 2023, the fashion brand said it had been the victim of a “cyberincident”. The personal data of some of its customers could be accessed by an unauthorized third party.
Email address, phone number, name…
The private data of 10 million people would be compromised, according to the group, which does not specify whether all the countries where it is present are affected. Specifically, it is a system containing customer data linked to purchases made between November 2018 and October 2020 that would have been targeted. The JD, Size, Millets, Blacks, Scotts and MilletSport brands would all be affected by the intrusion.
Although JD Sports only has partial information on the payment cards, confidential data could be consulted, such as the billing address, the name, the delivery and email addresses, the telephone number, the details of the order, as well as the last four digits of the bank cards. As for passwords, the group says it does not have “no reason to believe” that they have been consulted.
Phishing risk
To understand the ins and outs of this hack, JD Sports is conducting an investigation and collaborating with experts. The British company also says it is ready to work with the Commissioner’s Office, the equivalent of the Cnil across the Channel. Finally, the group is currently contacting consumers potentially affected by the cyberattack, with a warning of the future risk of fraud and phishing. The data stolen by the hacker can indeed be used to carry out a targeted campaign of phishing.
