Dior

The House of Dior (Dior) experienced a data breach on January 26, 2025, which was discovered on May 7, 2025. The incident compromised personal information of U.S. customers, including full names, contact details, physical addresses, dates of birth, passport or government ID numbers, and Social Security Numbers. No payment details were compromised. Dior took steps to contain the incident and engaged law enforcement and third-party cybersecurity experts. Customers were advised to be vigilant against scams and offered a 24-month credit monitoring service.

Source: https://www.bleepingcomputer.com/news/security/dior-begins-sending-data-breach-notifications-to-us-customers/

TPRM report: https://scoringcyber.rankiteo.com/company/parfums-christian-dior

"id": "par711072225",
"linkid": "parfums-christian-dior",
"type": "Breach",
"date": "7/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Fashion',
                        'location': 'Worldwide',
                        'name': 'Dior',
                        'size': 'Large',
                        'type': 'Luxury Fashion House'}],
 'attack_vector': ['Database Compromise'],
 'customer_advisories': 'Remain vigilant for scams and phishing attempts, '
                        'monitor financial accounts, enroll in 24-month credit '
                        'monitoring and identity theft protection',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Full names',
                                              'Contact details',
                                              'Physical address',
                                              'Date of birth',
                                              'Passport or government ID '
                                              'number (in some cases)',
                                              'Social Security Number (in some '
                                              'cases)']},
 'date_detected': '2025-05-07',
 'description': 'The House of Dior (Dior) experienced a data breach where '
                'personal information of U.S. customers was compromised. The '
                'incident occurred on January 26, 2025, but was detected on '
                'May 7, 2025. The breach involved unauthorized access to a '
                'Dior database containing sensitive customer information.',
 'impact': {'data_compromised': ['Full names',
                                 'Contact details',
                                 'Physical address',
                                 'Date of birth',
                                 'Passport or government ID number (in some '
                                 'cases)',
                                 'Social Security Number (in some cases)'],
            'identity_theft_risk': 'High',
            'payment_information_risk': 'Low'},
 'investigation_status': 'Ongoing',
 'motivation': 'Data Theft',
 'references': [{'source': 'BleepingComputer'}],
 'response': {'communication_strategy': 'Data breach notifications sent to '
                                        'affected customers',
              'containment_measures': 'Prompt steps taken to contain the '
                                      'incident',
              'incident_response_plan_activated': True,
              'law_enforcement_notified': True,
              'third_party_assistance': True},
 'threat_actor': 'ShinyHunters extortion group',
 'title': 'Dior Data Breach Incident',
 'type': 'Data Breach'}