Dior Reports Cybersecurity Incident and Alerts of Potential Data Breach

The House of Dior, a prominent French luxury fashion brand, has officially reported a cybersecurity incident that has resulted in the exposure of customer data. A company spokesperson confirmed that the incident primarily affects customers of Dior’s Fashion and Accessories division. Currently, a team of cybersecurity professionals is conducting a thorough investigation to ascertain the extent of the breach.

The spokesperson stated, “The House of Dior recently discovered that an unauthorized external party accessed some of the data we hold for our Dior Fashion and Accessories customers.” In light of this incident, the company has activated its response protocols to contain the situation. Teams at Dior, in collaboration with leading cybersecurity experts, are actively engaged in investigating and mitigating the impacts of the breach.

Importantly, Dior clarified that no account passwords or payment card details were compromised during this incident, as these sensitive pieces of information are stored in a secure database that remains unaffected. “No passwords or payment information, including bank account or payment card information, were in the database affected in the incident,” the spokesperson emphasized.

Dior is currently in the process of notifying relevant regulators and customers according to applicable legal requirements. The protection of customer data remains a top priority, and the company expressed regret for any concern or inconvenience this may have caused.

Regional Impact

Though Dior has not disclosed specific numbers regarding affected customers or the geographical scope of the incident, it has confirmed that its South Korean website was impacted. Reports indicate that some customers in China have also received notifications related to the data breach.

Screenshots of notifications posted online reveal that the breach was identified on May 7, and unauthorized access led to the exposure of various types of personal data, including:

– Full name
– Gender
– Phone number
– Email address
– Postal address
– Purchase history

The notice shared on Dior’s South Korean website similarly noted that the incident occurred on May 7, indicating an international cybersecurity event.

Currently, only contact information, purchase details, and customer preferences are flagged as potentially compromised.

Legal Scrutiny and Customer Vigilance

In response to the data breach, local media reports indicate that Dior faces legal scrutiny in South Korea for not promptly notifying all relevant authorities about the incident. The company has advised its customers to remain vigilant against phishing attempts that could exploit their personal information and to contact Dior if they suspect any fraudulent activity linked to brand impersonation.

As of now, Dior has not publicly disclosed information regarding the total number of affected customers or the countries involved in the breach, but efforts are ongoing to ensure transparency and compliance with legal obligations.