JD Sports victim of cyber security attack

JD Sports Fashion, one of the UK’s largest suppliers of fishing tackle through its GO Outdoors and Millets brands, has been the target of a cyber incident that has resulted in the unauthorised access to a system that contained customer data relating to some online orders.

The group reported the incident this morning to the London Stock Exchange and said that the brands affected were JD, Size?, Millets, Blacks, Scotts and MilletSport on orders placed between November 2018 and October 2020.

It added that the affected data is limited. “JD Sports does not hold full payment card data and, further, has no reason to believe customer account passwords were accessed.

“We have taken the necessary immediate steps to investigate and respond to the incident, including working with leading cyber security experts. We are engaging with the relevant authorities, including the UK’s Information Commissioner’s Office (ICO), as necessary.

“We are proactively contacting affected customers so that we can advise them to be vigilant to the risk of fraud and phishing attacks. This includes being on the look-out for any suspicious or unusual communications purporting to be from JD Sports or any of our group brands.”

Neil Greenhalgh, Chief Financial Officer of JD Sports, said: “We want to apologise to those customers who may have been affected by this incident. We are advising them to be vigilant about potential scam emails, calls and texts and providing details on how to report these. We are continuing with a full review of our cyber security in partnership with external specialists following this incident. Protecting the data of our customers is an absolute priority for JD.”