Customer information from orders placed between November 2018 and October 2020 was exposed due to a data breach, according to the UK sports apparel retailer JD Sports.
The business found that a server containing information about orders placed by 10 million clients had been accessed without authorization.
The security compromise may have exposed limited information online, including complete names, delivery and billing addresses, email addresses, phone numbers, order details, and the last four digits of the customers' credit cards, according to the company's warning.
The business reported the security incident to UK authorities and engaged outside cybersecurity specialists to look into it.
Source: https://securityaffairs.com/141580/data-breach/jd-sports-data-breach.html
"id": "JDS224281023",
"linkid": "jd-sports-fashion-plc",
"type": "Data Leak",
"date": "01/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"