Dior Hit by Suspected Ransomware Attack, Customer Data Exposed
French luxury fashion house Dior has fallen victim to a suspected ransomware attack, with hackers gaining unauthorized access to internal servers and compromising sensitive customer data. The breach, still under investigation, appears to involve file-encrypting malware, though Dior has not confirmed whether a ransom demand was made.
The exposed data includes names, gender details, phone numbers, email and postal addresses, purchase history, and fashion preferences categorized by gender and age. While no financial information such as payment details or employee records was leaked, the stolen data poses risks for targeted phishing attacks, where cybercriminals could use personal details to craft convincing fraudulent messages.
Dior has responded by implementing security measures to contain the breach and prevent further spread of the malware. The company’s IT teams are conducting a full investigation and have committed to providing updates as new details emerge. Customers have been advised to monitor their accounts for suspicious activity, as the stolen data may be exploited in phishing schemes over the next 6 to 12 months.
The incident follows a recent wave of cyberattacks on major retail brands, including Marks & Spencer, Co-Op, and Harrods, linked to the "Scattered Spider" gang and the DragonForce ransomware group. While Dior has not attributed the attack to a specific threat actor, the breach underscores the growing focus of cybercriminals on retail data, which can be used for fraud, identity theft, or even targeted marketing by third parties.
As the investigation continues, the full impact of the breach remains unclear, though the exposure of personal details, particularly shopping preferences, raises concerns about long-term privacy risks.
Source: https://www.cybersecurity-insiders.com/dior-likely-hit-by-ransomware-attack/
Christian Dior Couture cybersecurity rating report: https://www.rankiteo.com/company/christian-dior-couture
Marks and Spencer cybersecurity rating report: https://www.rankiteo.com/company/marks-and-spencer
"id": "CHRMAR1769504421",
"linkid": "christian-dior-couture, marks-and-spencer",
"type": "Ransomware",
"date": "5/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Luxury Fashion',
'location': 'France',
'name': 'Dior',
'type': 'Company'}],
'customer_advisories': 'Monitor accounts for suspicious activity; stolen data '
'may be exploited in phishing schemes over the next 6 '
'to 12 months',
'data_breach': {'data_encryption': 'File-encrypting malware involved',
'personally_identifiable_information': 'Names, gender '
'details, phone '
'numbers, email and '
'postal addresses',
'sensitivity_of_data': 'High (personal details, purchase '
'history, fashion preferences)',
'type_of_data_compromised': 'Customer data'},
'description': 'French luxury fashion house Dior has fallen victim to a '
'suspected ransomware attack, with hackers gaining '
'unauthorized access to internal servers and compromising '
'sensitive customer data. The breach, still under '
'investigation, appears to involve file-encrypting malware, '
'though Dior has not confirmed whether a ransom demand was '
'made.',
'impact': {'brand_reputation_impact': 'Raises concerns about long-term '
'privacy risks',
'data_compromised': 'Names, gender details, phone numbers, email '
'and postal addresses, purchase history, '
'fashion preferences categorized by gender and '
'age',
'identity_theft_risk': 'Poses risks for targeted phishing attacks '
'and identity theft',
'payment_information_risk': 'No financial information such as '
'payment details was leaked',
'systems_affected': 'Internal servers'},
'investigation_status': 'Ongoing',
'ransomware': {'data_encryption': 'Yes'},
'references': [{'source': 'Cyber Incident Description'}],
'response': {'communication_strategy': 'Customers advised to monitor their '
'accounts for suspicious activity; '
'updates to be provided as new details '
'emerge',
'containment_measures': 'Security measures implemented to '
'contain the breach and prevent further '
'spread of the malware',
'incident_response_plan_activated': 'Yes'},
'title': 'Dior Hit by Suspected Ransomware Attack, Customer Data Exposed',
'type': 'Ransomware'}