JD Sports has advised its customers to change their passwords after the discovery of a cyberattack that may have resulted in the exposure of data belonging to 10 million customers. JD Sports notified its users of the breach via email, stating that the attack impacts customers who placed orders between November 2018 and October 2020. The company stated that the information exposed includes full names, delivery and billing addresses, email addresses, phone numbers, and limited payment card details.
Once the company discovered the breach, its security team responded quickly to address and attack and assess its impacts. Although the breach is older, JD Sports customers should still change their account passwords to prevent certain types of follow up attacks such as credential stuffing.
Read More: JD Sports Confirms Breach Affected 10 Million Customers