Source link JD Sports, a British sportswear and fashion retailer and owner of sportswear brand JD, has announced that a cyber attack resulted in the personal details of 10 millions customers being accessed by attackers.
The company disclosed the attack on its website yesterday after detecting unauthorized access to its systems on April 5th. The incident affected customers in the United Kingdom, with details including names, email addresses, birth dates, and telephone numbers potentially compromised.
The attack is believed to have been carried out by a group of professional criminals with specialist knowledge and capabilities, thought to have accessed the company’s systems seven times starting in April 2020.
JD Sports CEO, Peter Cowgill, said: “We have taken action to contain the attack and have engaged a leading cyber security firm to investigate and to recommend further measures to enhance our security. We have also been engaging with law enforcement and have notified the Information Commissioner’s Office. We are contacting the customers concerned to issue an apology and to give them advice on any protective steps they should take.”
The company is urging customers who may have been affected to remain vigilant for any suspicious or unexpected emails, calls, or other communication appearing to come from the company and to avoid clicking on any email links or attachments. Customers are also being asked to make sure to regularly change their passwords, to be aware of any suspicious or unusual activity on their accounts, and to report immediately any suspicious activity to the company.
Although there is no evidence of financial details being accessed, this is a major incident and a reminder of the continued threat posed by cyber criminals. Businesses need to stay vigilant and prepared by implementing robust security measures to protect their systems and their customers’ data.