Global fashion brands Adidas and Dior have confirmed separate cyber incidents that resulted in the exposure of customer data, though both reported that no financial information was compromised. The breaches were disclosed through formal notifications and are believed to affect customers in Asia, particularly South Korea and China.
Adidas Korea Breach Involved Customer Support Data
Adidas Korea has begun notifying customers via email that their personal data was exposed following a security breach. The notifications, reported by Korean media outlet SNS News, state that data submitted to Adidas’s customer service center in 2024 and earlier years was accessed by attackers.
The exposed data reportedly includes:
- Names
- Email addresses
- Phone numbers
- Dates of birth
- Other unspecified personal details
Adidas confirmed that no financial information—such as credit card numbers or bank account data—was involved in the breach. The company has not disclosed when the breach occurred or how many individuals were affected.
Dior Discloses Customer Data Exposure Across Multiple Regions
Luxury brand Dior also confirmed a data breach earlier this week, stating that an unauthorized external party accessed customer information. The attack affected customers of Dior Fashion and Accessories, according to a breach notification.
Dior emphasized that payment data was not exposed, stating:
“The database accessed did not contain any financial information, including bank details, IBANs, or credit card information.”
The breach was discovered on May 7th, with Dior Korea posting an official statement on its website. The accessed data includes:
- Contact information
- Purchase history
- Customer preference data
While Dior has not officially detailed which business units were affected, the breach appears to involve customer data from both Korea and China.
Cross-Border Breaches Highlight Global Risk
Matt Hull, Global Head of Threat Intelligence at NCC Group, commented on the wider implications of these incidents:
“Global brands like Dior operate complex systems across multiple markets, which can make them attractive targets for threat actors. The reported access to customer data in China and Korea underscores how breaches can quickly transcend borders and impact individuals internationally.”
The theft of personal information—such as names, contact details, and behavioral data—creates risks including identity theft, phishing, and social engineering. Cybercriminals can impersonate institutions to extract further information or deploy more targeted attacks.
