The retailer apologised for the data breach (Picture: Getty Images)

A major security breach at JD Sports has put the personal details of about 10 million people at risk.

Names, home addresses, phone numbers, emails and the final four digits of cards ‘may have been accessed’ in a cyber attack that hit the sportswear chain.

The business stressed payment card details were safe, adding it has no reason to think the hackers have accessed users’ passwords.

The information related to online orders between November 2018 and October 2020.

JD, Size?, Millets, Blacks, Scotts and MilletSport are some of the brands affected by the breach.

The company warned customers to be vigilant against any potential fraudsters pretending to be emailing or texting from JD.

‘We want to apologise to those customers who may have been affected by this incident,’ said chief financial officer Neil Greenhalgh.

‘We are advising them to be vigilant about potential scam emails, calls and texts and providing details on how to report these.

‘We are continuing with a full review of our cyber security in partnership with external specialists following this incident.

‘Protecting the data of our customers is an absolute priority for JD.’

The business said that it would proactively contact customers whose data might have been taken in the breach.

It is the latest in a series of recent high-profile cyber attacks on British companies including Royal Mail.

Credit: metro.co.uk