JD Sports isn't having a particularly good day, and neither do the sports retailer's customers.

The company said that personal data from 10 million customers "may have been accessed" by hackers, the BBC reported Monday. The data is related to online orders made between November 2018 and October 2020, from JD Sports' brands JD, Size?, Millets, Blacks, Scotts, and Millets Sport. It includes names, addresses, email accounts, phone numbers, order details, and the final four digits of bank cards.

Prime Day deals you can shop right now

Products available for purchase here through affiliate links are selected by our merchandising team. If you buy something through links on our site, Mashable may earn an affiliate commission.

• iRobot Roomba Combo i3+ Self-Emptying Robot Vacuum and Mop—$329.99(List Price $599.99)

• Samsung Galaxy Tab A9+ 10.9" 64GB Wi-Fi Tablet—$178.99(List Price $219.99)

• Apple AirPods Pro 2nd Gen With MagSafe USB-C Charging Case—$199.00(List Price $249.00)

• Eero 6 Dual-Band Mesh Wi-Fi 6 System (Router + 2 Extenders)—$149.99(List Price $199.99)

• Apple Watch Series 9 (GPS, 41mm, Midnight, S/M, Sports Band)—$299.00(List Price $399.00)

SEE ALSO:A hacker stumbled upon TSA's no-fly list via unsecured airline server

The silver lining, according to JD Sports, is that hackers did not access full payment card details. The company also doesn't believe that account passwords were accessed by hackers.

Mashable Light SpeedWant more out-of-this world tech, space and science stories?Sign up for Mashable's weekly Light Speed newsletter.By signing up you agree to our Terms of Use and Privacy Policy.Thanks for signing up!

"We want to apologise to those customers who may have been affected by this incident," said Neil Greenhalgh, chief financial officer of JD Sports. The company said it was contacting customers who may have been affected by the hack, telling them to "be vigilant about potential scam emails, calls and texts."

There's no word on why it took well over a year to discover the hack and make it public.

---

Related Stories

---

• How to get your Instagram back after a hack
• Chinese government-linked hackers stole millions in COVID funds
• 'Hacked' FTX scrambles to quarantine whatever crypto is left in it
• Crypto exchange Deribit loses $28 million in a hack
• Binance's BNB cryptocurrency hit by massive $100 million hack

The UK's Royal Mail was recently hit by a ransomware cyberattack, with hackers threatening to publish stolen customer data online. And just days ago, some 35,000 PayPal users were hit by a cyberattack in which hackers accessed users names, postal addresses, and tax identification numbers, among other data.

TopicsCybersecurity