Eau no! Dior tells customers their data was swiped in cyber snafu
(2025/07/24)
- Reference: 1753354865
- News link: https://www.theregister.co.uk/2025/07/24/eau_no_dior_tells_customers/
- Source link:
Updated Fashion house Dior has begun dropping data breach notices after cybercrooks with a taste for high-end targets made off with customer data.
LVMH-owned Dior, the French purveyor of overpriced frocks and fragrances, confirmed in a [1]breach notification letter filed with California's attorney general that US customer data had been accessed during a recent cyberattack.
Dior first detected something was amiss on May 7, according to the letter, and a subsequent investigation traced the intrusion back to January 26, when an unidentified miscreant "was able to gain access to a Dior database that contained information about Dior clients."
[2]
In a letter sent to those affected, Dior confirms that the trove included names, addresses, contact details, dates of birth, and, in some cases, a passport or government ID number. A lucky few also had their Social Security Numbers thrown into the mix.
[3]
[4]
Payment details, such as bank account and payment card information, were not stored in the ill-fated database, Dior said.
Dior hasn't confirmed how many individuals had their data swiped and didn't respond to The Register 's questions. However, in separate filings with the Texas and Washington attorneys general this week, spied by The Register , it's revealed that [5]9,716 and 10,878 individuals had data pilfered during the incident, respectively, suggesting the global tally could be significantly higher.
[6]
Whether UK-based Dior customers were caught up in the breach remains unclear. We've has asked the Information Commissioner's Office if it's had any word from the fashion house.
[7]Experts count staggering costs incurred by UK retail amid cyberattack hell
[8]Crooks fleece The North Face accounts with recycled logins
[9]Microsoft SharePoint victim count hits 400+ orgs in ongoing attacks
[10]$380M lawsuit claims intruder got Clorox's passwords from Cognizant simply by asking
The company claims the incident was contained and that there's "no evidence" of further unauthorized access after the January break-in, though how exactly the attacker gained entry remains unclear. Dior says it has beefed up security and notified law enforcement, and it's advising its affluent customers to keep an eye on their inboxes and report any suspicious activity.
The attack is believed to be the work of ShinyHunters, a prolific data-slurping crew previously linked to digital burglaries at a range of tech firms and fashion brands. The same group is also suspected in a recent attack on Louis Vuitton, which, like Dior, is part of luxury mega-conglomerate LVMH.
According to [11]Bleeping Computer , Louis Vuitton stated that customer data had been accessed in the UK, South Korea, Turkey, Italy, and Sweden, in what appears to be a coordinated assault on the wardrobes of the world's well-heeled. ®
Updated at 12.53 UTC on July 24, 2025, to add:
[12]
Following publication of this article, the ICO got in contact with a statement on the Dior incident.
"We have received a report from Christian Dior and are assessing the information provided.
Get our [13]Tech Resources
[1] https://oag.ca.gov/ecrime/databreach/reports/sb24-605648
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aIZNOAjFu5hWFzbG10lXewAAAAM&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aIZNOAjFu5hWFzbG10lXewAAAAM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aIZNOAjFu5hWFzbG10lXewAAAAM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[5] https://oag.my.site.com/datasecuritybreachreport/apex/DataSecurityReportsPage
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aIZNOAjFu5hWFzbG10lXewAAAAM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[7] https://www.theregister.com/2025/06/23/experts_count_the_staggering_costs/
[8] https://www.theregister.com/2025/06/03/north_face_credential_stuffing/
[9] https://www.theregister.com/2025/07/23/microsoft_sharepoint_400_orgs/
[10] https://www.theregister.com/2025/07/23/lawsuit_clorox_vs_cognizant/
[11] https://www.bleepingcomputer.com/news/security/louis-vuitton-says-regional-data-breaches-tied-to-same-cyberattack/
[12] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aIZNOAjFu5hWFzbG10lXewAAAAM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[13] https://whitepapers.theregister.com/
LVMH-owned Dior, the French purveyor of overpriced frocks and fragrances, confirmed in a [1]breach notification letter filed with California's attorney general that US customer data had been accessed during a recent cyberattack.
Dior first detected something was amiss on May 7, according to the letter, and a subsequent investigation traced the intrusion back to January 26, when an unidentified miscreant "was able to gain access to a Dior database that contained information about Dior clients."
[2]
In a letter sent to those affected, Dior confirms that the trove included names, addresses, contact details, dates of birth, and, in some cases, a passport or government ID number. A lucky few also had their Social Security Numbers thrown into the mix.
[3]
[4]
Payment details, such as bank account and payment card information, were not stored in the ill-fated database, Dior said.
Dior hasn't confirmed how many individuals had their data swiped and didn't respond to The Register 's questions. However, in separate filings with the Texas and Washington attorneys general this week, spied by The Register , it's revealed that [5]9,716 and 10,878 individuals had data pilfered during the incident, respectively, suggesting the global tally could be significantly higher.
[6]
Whether UK-based Dior customers were caught up in the breach remains unclear. We've has asked the Information Commissioner's Office if it's had any word from the fashion house.
[7]Experts count staggering costs incurred by UK retail amid cyberattack hell
[8]Crooks fleece The North Face accounts with recycled logins
[9]Microsoft SharePoint victim count hits 400+ orgs in ongoing attacks
[10]$380M lawsuit claims intruder got Clorox's passwords from Cognizant simply by asking
The company claims the incident was contained and that there's "no evidence" of further unauthorized access after the January break-in, though how exactly the attacker gained entry remains unclear. Dior says it has beefed up security and notified law enforcement, and it's advising its affluent customers to keep an eye on their inboxes and report any suspicious activity.
The attack is believed to be the work of ShinyHunters, a prolific data-slurping crew previously linked to digital burglaries at a range of tech firms and fashion brands. The same group is also suspected in a recent attack on Louis Vuitton, which, like Dior, is part of luxury mega-conglomerate LVMH.
According to [11]Bleeping Computer , Louis Vuitton stated that customer data had been accessed in the UK, South Korea, Turkey, Italy, and Sweden, in what appears to be a coordinated assault on the wardrobes of the world's well-heeled. ®
Updated at 12.53 UTC on July 24, 2025, to add:
[12]
Following publication of this article, the ICO got in contact with a statement on the Dior incident.
"We have received a report from Christian Dior and are assessing the information provided.
Get our [13]Tech Resources
[1] https://oag.ca.gov/ecrime/databreach/reports/sb24-605648
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aIZNOAjFu5hWFzbG10lXewAAAAM&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aIZNOAjFu5hWFzbG10lXewAAAAM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aIZNOAjFu5hWFzbG10lXewAAAAM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[5] https://oag.my.site.com/datasecuritybreachreport/apex/DataSecurityReportsPage
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aIZNOAjFu5hWFzbG10lXewAAAAM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[7] https://www.theregister.com/2025/06/23/experts_count_the_staggering_costs/
[8] https://www.theregister.com/2025/06/03/north_face_credential_stuffing/
[9] https://www.theregister.com/2025/07/23/microsoft_sharepoint_400_orgs/
[10] https://www.theregister.com/2025/07/23/lawsuit_clorox_vs_cognizant/
[11] https://www.bleepingcomputer.com/news/security/louis-vuitton-says-regional-data-breaches-tied-to-same-cyberattack/
[12] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aIZNOAjFu5hWFzbG10lXewAAAAM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[13] https://whitepapers.theregister.com/
Anonymous Coward
Whatever they were wearing, they were caught with their knickers down.
Yet Again
An_Old_Dog
...dates of birth, and, in some cases, a passport or government ID number. A lucky few also had their Social Security Numbers thrown into the mix.
WTF is a corporation doing with this data, and how did they get it in the first place? Did their customers willingly supply it?
Re: Yet Again
Homo.Sapien.Floridanus
... keeping all that data doesn't make a lot of scent.
Re: Yet Again
Anonymous Coward
Something stinks for sure.
The company claims the incident was contained
Falmari
"The company claims the incident was contained"
Contained that's not how you say "only discovered 3 moths later" .
Apparently the hackers were tracked through the Internet to a little black address.