
JD Sports, a fashion chain from the UK, has disclosed a data breach that exposed customer data from orders placed between November 2018 and October 2020.
This unauthorized access was discovered to a server that contained data related to order placed by 10 million customers.
The data breach impacted the JD, size, Millets, Blacks, Scotts, and MilletSport brands.
The breach has exposed online limited information, including full names, delivery and billing addresses, email addresses, phone numbers, order details, and the last four digits of the customers’ payment cards.
JD Sports says that account passwords were compromised. It also notified UK authorities and hired external cybersecurity experts to investigate the security incident.
Customers are recommended to be vigilant because they can be targeted in frauds and phishing attacks.