Skip to main content

Data Breach Affects 10m Customers as JD Hit With Cyber-Attack

Have you been affected by the JD Data Breach?

Personal and financial information has potentially been accessed by hackers after JD Sports was targeted between November 2018 and October 2020.

Fashion retailer JD Sports has today announced that 10 million of its customers may have had their details breach in a huge cyber-attack. The sports retailer has said personal and financial details have potentially been accessed.

The company has said the incident affected some online purchases made by customers between the years of November 2018 and October 2020, with targeted purchases of its JD, Size?, Millets, Blacks, Scotts and Millets Sports brands.

JD Sports has informed the Information Commissioner’s Office about the security breach, and has said it now contacting affected customers, warning them to be vigilant of potential scams.

Below is the email that has been sent out this week:

JD Sports has said that card payment details are safe, but addresses, phone numbers and emails are not.

Its chief financial officer, Neil Greenhalgh, has said:

We want to apologise to those customers who may have been affected by this incident.

We are advising them to be vigilant about potential scam emails, calls and texts and providing details on how to report these.

JD Sports said it had taken the “necessary immediate steps” to investigate and respond to the incident, including working with cybersecurity experts, and to be aware of potential fraud and phishing attacks and “be on the lookout for any suspicious or unusual communications purporting to be from JD Sports or any of our group brands”.

Increasing Cyber-Attacks

This is the latest in a long string of cyber-attacks that have hit various UK companies in the past few months.

Last Thursday, Royal Mail was able to resume international signed deliveries for business customers after an attack of their own. The parcel delivery firm had warned it had experienced “severe disruption” and was unable to send millions of letters and parcels due to a “cyber incident” by a cell of hackers believed to be linked to Russia.

The Guardian newspaper was also recently subject to a ransomware attack in December after staff’s personal details were targeted in a “highly-sophistcated” cyber-attack.

Experts warn that these attacks could continue to increase as hackers become more sophisticated and as more of our lives are housed online.


Data Breach Compensation

If you believe your data has been stolen after you trusted a business to keep it safe, you may be eligible for thousands in data breach compensation.

While many companies will take the appropriate actions to safeguard our data, some will cut corners, leaving them vulnerable to cyberattacks. If your data has been exposed due to the security failures of an organisation that held your personal details, you have a right to claim data breach compensation for your suffering.

If your private information has been stolen, misused, disclosed to third-parties without your permission, or lost, and you have suffered financial loss or distress, then you may be eligible to claim.

Examples of data breaches include:

  • Bank details being stolen via a cyber attack
  • Private details being used for fraud or identity theft
  • Names and addresses of customers appearing online
  • Names and addresses of those who have signed up to sensitive websites, such as dating sites, being exposed
  • Medical details being wrongly distributed
  • Personal details being distributed in a group email

Compensation for a GDPR infringement occurs where there has been a significant breach of your data and you wish to file a claim for the suffering it has caused.

Typical data breach compensation claims, like the leaking of your name, date of birth, home address, and email address, can equate to £900-£2,000. For more serious breaches, such as medical information or financial information being divulged, this figure may rise to £8,000.

Find out today if you are eligible by getting in touch on the form below.

Ready To Get Started? provides a free educational service to the public, and connects potential claimants with pre-vetted legal firms operating on our panel. 

Our panel of legal firms all:

  • Operate on a No-Win, No Fee Basis
  • Require No Upfront Fees
  • Are Regulated by either the FCA or SRA

Start your claim today by completing the quick enquiry form below.

Data Breach Claim

About the author

The ClaimExperts Team

Here at, we like to keep on top of current news related to all sorts of legal matters and queries. On our blog, you will find recent news, opinions and useful information in relation to lots of claim types. - We Are Here to Help You

Our mission is to provide comprehensive claim guides for multiple claims, and connect you with expert legal firms.

Our Most Popular Claim Guides

Important Information:

Fairweather Group Ltd t/a do not give legal advice. You do not need to use a claims management company to make a claim. You have the right to use the relevant Ombudsman to seek redress for free. More information on your particular Ombudsman can be found on our Terms & Conditions. You can also seek legal advice elsewhere.

The No Win No Fee Success Fee is based on which expert panel member we refer you to and is payable to them. Our panel currently consists of a number of law firms, which can also be found on our Terms & Conditions. The No Win, No Fee varies, but is generally between 25%- 50%+VAT.

There may be a termination fee if you cancel your claim with a panel member after the cooling-off period. We are paid a referral fee by our panel members for a successful introduction. Fairweather Group Ltd will not charge you for our service.