French luxury fashion brand Dior suffered a cyberattack on **May 7**, resulting in the exposure of customer data from its **Chinese and South Korean operations**. While account passwords and payment card details remained unaffected, the breach compromised **personal information** of customers, including: - **China**: Full names, gender, phone numbers, email addresses, postal addresses, and purchase histories. - **South Korea**: Contact details, purchase information, and shared preferences (e.g., product interests). The incident has triggered **phishing risks** for affected individuals, with Korean legislators criticizing Dior for **delayed reporting** to authorities. The attack’s scope is still under investigation, but the leaked data—though not financial—poses **reputational and privacy risks**, particularly given the high-profile nature of the brand and its customer base. Authorities and impacted users have been alerted, though the long-term consequences (e.g., fraud, regulatory penalties) remain unclear.
Source: https://www.scworld.com/brief/data-breach-compromises-diors-chinese-korean-clients
Christian Dior Couture cybersecurity rating report: https://www.rankiteo.com/company/christian-dior-couture
"id": "CHR3163431111725",
"linkid": "christian-dior-couture",
"type": "Cyber Attack",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Luxury Fashion',
'location': 'China',
'name': 'Dior (Chinese operations)',
'type': 'Subsidiary/Regional Office'},
{'industry': 'Luxury Fashion',
'location': 'South Korea',
'name': 'Dior (South Korean operations)',
'type': 'Subsidiary/Regional Office'}],
'customer_advisories': 'Customers urged to be mindful of potential phishing '
'attacks due to data exposure',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes (full names, '
'gender, phone '
'numbers, email '
'addresses, postal '
'addresses)',
'sensitivity_of_data': 'High (includes PII and purchase '
'histories)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Purchase histories',
'Contact details',
'Shared preferences']},
'date_detected': '2024-05-07',
'description': 'French multinational luxury fashion brand Dior was impacted '
'by a cyberattack on May 7, resulting in the exposure of '
'customer data from its Chinese and South Korean operations. '
'The compromised data includes full names, gender, phone '
'numbers, email addresses, postal addresses, purchase '
'histories, contact details, and shared preferences. Dior has '
'warned affected customers about potential phishing attacks. '
'Korean legislators have criticized Dior for failing to '
'promptly inform authorities.',
'impact': {'brand_reputation_impact': 'Potential damage due to data exposure '
'and delayed notification',
'customer_complaints': 'Criticism from Korean legislators for '
'delayed notification',
'data_compromised': ['Full names',
'Gender',
'Phone numbers',
'Email addresses',
'Postal addresses',
'Purchase histories',
'Contact details',
'Shared preferences'],
'identity_theft_risk': 'High (due to exposed PII)',
'payment_information_risk': 'None (payment card information '
'confirmed not affected)'},
'investigation_status': 'Ongoing',
'references': [{'source': 'BleepingComputer'}],
'regulatory_compliance': {'legal_actions': 'Criticism from Korean legislators '
'for delayed notification to '
'authorities'},
'response': {'communication_strategy': 'Customers urged to be mindful of '
'phishing attacks',
'incident_response_plan_activated': 'Yes (ongoing '
'investigation)'},
'stakeholder_advisories': 'Customers advised to be cautious of phishing '
'attempts',
'title': 'Dior Cyberattack Exposes Customer Data in China and South Korea',
'type': 'Data Breach'}