Comparison Overview

B&Q

VS

JD Sports Fashion

B&Q

undefined, Southampton, undefined, undefined, GB
Last Update: 2026-04-02
View Profile
Between 750 and 799
https://www.bandqcareers.com/

We are the UK’s leading home improvement and garden living retailer with over 300 stores throughout the UK and Ireland, offering great prices, with over 100,000 products available to order at diy.com for home delivery or click and collect. We launched the UK’s first home improvement marketplace in March 2022, adding additional choice for consumers. The marketplace offers a unique, integrated experience with in-store returns for many products and Click + Collect options being explored. Our team of more than 21,000 colleagues of all ages are respected nationwide for providing great home improvement help to customers. They’re the beating heart of B&Q and their iconic orange aprons are worn with pride. Every year, more than 20 million people improve their homes and make life better with B&Q, and every year the company achieves ever-higher standards for sustainable sourcing and supports our local communities, including funding B&Q Foundation grants and Shelter’s DIY Skills Advisors. For more information on our community initiatives visit diy.com/corporate/community To read our latest Build a Life project report visit diy.com/responsible-business. B&Q is part of Kingfisher plc, the international home improvement company, operating 2000 stores in 8 countries across Europe.

NAICS: 43
NAICS Definition: Retail Trade
Employees: 12,936
Subsidiaries: 10
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

JD Sports Fashion

Hollins Brook Way, Bury, England, GB, BL9 8RR
Last Update: 2026-03-31
Between 700 and 749
https://careers.jdplc.com/

Founded in 1981 with a single store in the Northwest of England, JD Group has grown into a leading global omni-channel retailer in Sports Fashion, Outdoors, and Gyms. Our diverse and dedicated teams operate across a portfolio of renowned retail brands in multiple international markets. Listed on the London Stock Exchange since 1996 and a proud member of the FTSE100 since 2019, JD Group continues to expand both in the UK and globally driven by a commitment to innovation, excellence, and possibility. Our vision is to become the world’s most trusted and dynamic omni-channel retailer in the sports and outdoor industry. We welcome individuals from all backgrounds to join us in shaping this future. If you're passionate about contributing to an inclusive, people-first, and customer-centric organisation and are motivated by continuous growth and operational excellence we’d love to hear from you.

NAICS: 43
NAICS Definition: Retail Trade
Employees: 32,762
Subsidiaries: 12
12-month incidents
0
Known data breaches
2
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/b&q.jpeg
B&Q
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/jd-sports-fashion-plc.jpeg
JD Sports Fashion
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
B&Q
100%
Compliance Rate
0/4 Standards Verified
JD Sports Fashion
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Retail Industry Average (This Year)

No incidents recorded for B&Q in 2026.

Incidents vs Retail Industry Average (This Year)

No incidents recorded for JD Sports Fashion in 2026.

Incident History — B&Q (X = Date, Y = Severity)

B&Q cyber incidents detection timeline including parent company and subsidiaries

Incident History — JD Sports Fashion (X = Date, Y = Severity)

JD Sports Fashion cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/b&q.jpeg
B&Q
Incidents

No Incident

https://images.rankiteo.com/companyimages/jd-sports-fashion-plc.jpeg
JD Sports Fashion
Incidents

Date Detected: 11/2023
Type:Breach
Blog: Blog

Date Detected: 01/2023
Type:Data Leak
Blog: Blog

Date Detected: 1/2013
Type:Breach
Attack Vector: Physical Theft
Motivation: Unknown
Blog: Blog

FAQ

B&Q company demonstrates a stronger AI Cybersecurity Score compared to JD Sports Fashion company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

JD Sports Fashion company has historically faced a number of disclosed cyber incidents, whereas B&Q company has not reported any.

In the current year, JD Sports Fashion company and B&Q company have not reported any cyber incidents.

Neither JD Sports Fashion company nor B&Q company has reported experiencing a ransomware attack publicly.

JD Sports Fashion company has disclosed at least one data breach, while B&Q company has not reported such incidents publicly.

Neither JD Sports Fashion company nor B&Q company has reported experiencing targeted cyberattacks publicly.

Neither B&Q company nor JD Sports Fashion company has reported experiencing or disclosing vulnerabilities publicly.

Neither B&Q nor JD Sports Fashion holds any compliance certifications.

Neither company holds any compliance certifications.

JD Sports Fashion company has more subsidiaries worldwide compared to B&Q company.

JD Sports Fashion company employs more people globally than B&Q company, reflecting its scale as a Retail.

Neither B&Q nor JD Sports Fashion holds SOC 2 Type 1 certification.

Neither B&Q nor JD Sports Fashion holds SOC 2 Type 2 certification.

Neither B&Q nor JD Sports Fashion holds ISO 27001 certification.

Neither B&Q nor JD Sports Fashion holds PCI DSS certification.

Neither B&Q nor JD Sports Fashion holds HIPAA certification.

Neither B&Q nor JD Sports Fashion holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References