Attention all JD Group Customers


JD Group, a Division of Pepkor Trading Pty Ltd  (“JDG ” / “our” / “we”) provides this notification of a security compromise in terms of section 22 (1)(b) of the Protection of Personal Information Act, 4 of 2013 (“POPIA”).


Your privacy may have been compromised, and we want to provide you with the necessary information and support during this time.


What Happened

A compromise has taken place, and personal information limited to contact details inclusive of e-mail address, gender, tax and VAT numbers, ID numbers as well as country, state/province and physical address coordinates have been exposed.  Please take note that no banking or financial data has been compromised. We take this matter very seriously, and the incident has been contained.

At present, we do not know the source or the identity of the unauthorised person that accessed the personal information.  


Our Response

We have taken immediate action to investigate and mitigate the impact of this security incident. The entire extent of the incident has already been assessed, and our dedicated team has been working on identifying affected data subjects and providing prompt communication. We will also cooperate with regulatory authorities and implement enhanced security measures to mitigate such incidents in the future.


What steps JDG has taken

As soon as JDG became aware of a possible POPIA incident, we embarked on mitigating the incident as follows:

Investigated the extent of the incident
Ensured that the incident has been contained
Communicated in line with our regulatory requirements

What You Need to Do

Your personal information may have been compromised due to this security incident and this could potentially lead to further downstream consequences if left unintended (i.e. identity theft/fraud and social engineering/phishing attempts). If you suspect that your personal information has been compromised, we strongly urge you to take the following steps to safeguard your privacy:

Monitor your transactional activity and report any suspicious activity.
Change your passwords often and ensure there is complexity in the configuration (e.g. with the use of special characters).
Be vigilant for phishing attempts: Be cautious of unsolicited emails, messages, or phone calls asking for personal information or financial details. Legitimate organisations will not request this information via unsecure channels.
Stay updated: Follow official announcements from JD Group and regulatory authorities for further instructions and guidance.
Do not click on any suspicious links.
Only provide personal information when there is a legitimate reason to do so.
Never use the same password to secure your digital presence across different platforms e.g. TikTok, Twitter, Discord, bank account.

We sincerely apologise for any inconvenience and concern this incident may have caused. 


If you have any questions or require assistance, please do not hesitate to contact our information officer at


Your privacy matters to us, and we will continue to keep you informed as we progress in resolving this matter. Together, we can overcome this challenge and strengthen data protection measures across the nation.



JD Group CEO

Updated on 2 June 2023