French luxury fashion brand Dior suffered a cyberattack on May 7, resulting in the exposure of customer data from its Chinese and South Korean operations. While account passwords and payment card details remained unaffected, the breach compromised personal information of customers, including: - China: Full names, gender, phone numbers, email addresses, postal addresses, and purchase histories. - South Korea: Contact details, purchase information, and shared preferences (e.g., product interests). The incident has triggered phishing risks for affected individuals, with Korean legislators criticizing Dior for delayed reporting to authorities. The attackās scope is still under investigation, but the leaked data though not financial poses reputational and privacy risks, particularly given the high-profile nature of the brand and its customer base. Authorities and impacted users have been alerted, though the long-term consequences (e.g., fraud, regulatory penalties) remain unclear.
Source: https://www.scworld.com/brief/data-breach-compromises-diors-chinese-korean-clients
Christian Dior Couture cybersecurity rating report: https://www.rankiteo.com/company/christian-dior-couture
"id": "CHR3163431111725",
"linkid": "christian-dior-couture",
"type": "Cyber Attack",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Luxury Fashion',
'location': 'China',
'name': 'Dior (Chinese operations)',
'type': 'Subsidiary/Regional Office'},
{'industry': 'Luxury Fashion',
'location': 'South Korea',
'name': 'Dior (South Korean operations)',
'type': 'Subsidiary/Regional Office'}],
'customer_advisories': 'Customers urged to be mindful of potential phishing '
'attacks due to data exposure',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes (full names, '
'gender, phone '
'numbers, email '
'addresses, postal '
'addresses)',
'sensitivity_of_data': 'High (includes PII and purchase '
'histories)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Purchase histories',
'Contact details',
'Shared preferences']},
'date_detected': '2024-05-07',
'description': 'French multinational luxury fashion brand Dior was impacted '
'by a cyberattack on May 7, resulting in the exposure of '
'customer data from its Chinese and South Korean operations. '
'The compromised data includes full names, gender, phone '
'numbers, email addresses, postal addresses, purchase '
'histories, contact details, and shared preferences. Dior has '
'warned affected customers about potential phishing attacks. '
'Korean legislators have criticized Dior for failing to '
'promptly inform authorities.',
'impact': {'brand_reputation_impact': 'Potential damage due to data exposure '
'and delayed notification',
'customer_complaints': 'Criticism from Korean legislators for '
'delayed notification',
'data_compromised': ['Full names',
'Gender',
'Phone numbers',
'Email addresses',
'Postal addresses',
'Purchase histories',
'Contact details',
'Shared preferences'],
'identity_theft_risk': 'High (due to exposed PII)',
'payment_information_risk': 'None (payment card information '
'confirmed not affected)'},
'investigation_status': 'Ongoing',
'references': [{'source': 'BleepingComputer'}],
'regulatory_compliance': {'legal_actions': 'Criticism from Korean legislators '
'for delayed notification to '
'authorities'},
'response': {'communication_strategy': 'Customers urged to be mindful of '
'phishing attacks',
'incident_response_plan_activated': 'Yes (ongoing '
'investigation)'},
'stakeholder_advisories': 'Customers advised to be cautious of phishing '
'attempts',
'title': 'Dior Cyberattack Exposes Customer Data in China and South Korea',
'type': 'Data Breach'}