Sephora Southeast Asia suffered a data breach incident in January 2017 that exposed data for 780,073 customers.
The breach compromised the data including customer’s dates of birth, email addresses, ethnicities, genders, names, and physical attributes.
Data from the Sephora data breach was also sold on online hacker forums.
Source: https://securityaffairs.co/wordpress/92211/data-breach/sephora-streeteasy-hibp.html
TPRM report: https://scoringcyber.rankiteo.com/company/sephora-sea
"id": "sep193241222",
"linkid": "sephora-sea",
"type": "Data Leak",
"date": "01/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 780073,
'industry': 'Beauty and Cosmetics',
'location': 'Southeast Asia',
'name': 'Sephora Southeast Asia',
'type': 'Retail'}],
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 780073,
'personally_identifiable_information': True,
'sensitivity_of_data': 'Personal Information',
'type_of_data_compromised': ['dates of birth',
'email addresses',
'ethnicities',
'genders',
'names',
'physical attributes']},
'date_detected': 'January 2017',
'description': 'Sephora Southeast Asia suffered a data breach incident in '
'January 2017 that exposed data for 780,073 customers. The '
'breach compromised the data including customer’s dates of '
'birth, email addresses, ethnicities, genders, names, and '
'physical attributes. Data from the Sephora data breach was '
'also sold on online hacker forums.',
'impact': {'data_compromised': ['dates of birth',
'email addresses',
'ethnicities',
'genders',
'names',
'physical attributes']},
'initial_access_broker': {'data_sold_on_dark_web': True},
'title': 'Sephora Southeast Asia Data Breach',
'type': 'Data Breach'}