Personal Data Compromised, No Financial Information Affected
Luxury fashion brand Christian Dior has confirmed a data breach involving the unauthorized access of customer information in China. The company began notifying affected users via text message on Monday night, warning of potential misuse and urging increased vigilance among its clientele.
“We recently identified a security breach that resulted in unauthorized access to certain data we hold, including customer information,” a Dior customer service representative told Global Times.
The breach, discovered on May 7, exposed several categories of personal data but did not compromise financial information, such as bank details or credit card numbers.
Details of Leaked Customer Data
The accessed data includes:
- Full names and gender
- Phone numbers and email addresses
- Mailing addresses
- Purchase amounts
- Shopping preferences
- Other user-specific information stored by Dior
According to Dior’s customer service, only those directly affected by the breach received the alert via SMS. The company has not disclosed how many customers were impacted but emphasized that financial records were not included in the compromised data set.
Dior Advises Chinese Customers to Remain Cautious
In its advisory, Dior urged customers in China to exercise extreme caution in the wake of the breach. The brand issued the following cybersecurity recommendations:
- Avoid clicking on unsolicited messages, calls, or emails
- Do not disclose verification codes, passwords, or any sensitive credentials
- Stay alert for signs of phishing attempts or social engineering attacks
The company’s swift public communication highlights an effort to mitigate reputational damage and reduce the risk of secondary cyberattacks like impersonation fraud or account takeovers.
Investigation Underway with Limited Details Available
Dior confirmed it is conducting an ongoing investigation into the incident but has not released technical specifics, such as the method of compromise or the identity of the threat actor.
“Upon discovering the issue, we immediately took steps to contain it,” the Dior representative said. “If there are any developments in the investigation, customers with inquiries will be updated directly via phone.”
As of now, there is no confirmation whether the breach stemmed from an external cyberattack, insider threat, or a third-party service provider vulnerability.
