Luxury fashion brand Dior has alerted customers to a data breach involving its Chinese customer database. The company revealed that an unauthorised external party had gained access to sensitive customer information, though financial data was not affected.
The breach came to light after Dior sent an internal memo to affected consumers on 13 May. According to multiple Chinese media outlets, including Global Times, the memo stated that the company discovered the breach on 7 May.
The compromised data includes customer names, gender, phone numbers, email addresses, mailing addresses, purchase histories, shopping preferences, and other user-related information collected by Dior.
In a statement, the fashion giant said: “We recently identified a security breach that resulted in unauthorized access to certain data we hold, including customer information. Upon discovering the issue, we immediately took steps to contain it.”
While Dior has not disclosed the number of individuals impacted, it clarified that no financial information (bank account numbers, IBANs, or credit card details) was compromised. The memo was reportedly only sent to customers directly affected by the incident.
In the aftermath of the incident, Dior urged Chinese customers to be careful, and advised against responding to suspicious messages, emails, or calls. It also warned customers not to share verification codes or personal credentials with unknown sources.
Responding to public concern, a Dior customer service representative confirmed the incident and said that, upon discovering the issue, the company immediately took steps to contain it, and that the matter is still under investigation. Customers with inquiries will be updated directly via phone if new information becomes available.
The breach comes at a challenging time for Dior’s parent company, LVMH. The French luxury conglomerate reported a 3% year-over-year decline in group revenue for the first quarter of 2025, with earnings totaling €20.3 billion. Revenue from China, excluding Japan, fell by 11%, and the region’s contribution to LVMH’s overall sales dropped from 33% in 2024 to 30% this year.
Be on High Alert
Muhammad Yahya Patel, Global Security Evangelist & Advisor, Office of the CTO, at Check Point Software, said: “In the wake of the Dior data breach, customers should be on high alert for phishing emails. These might appear to come from Dior and could include password reset requests, contact detail updates, or fake purchase confirmations, all of which are common tactics used by cybercriminals to trick victims into clicking malicious links.”
Patel said that, given that Dior is a luxury shopping brand, there’s also a heightened risk of scammers pushing fake promotions, discount codes, or exclusive sale offers to lure unsuspecting customers.
“Anyone who’s interacted with the brand recently should treat any unexpected email or SMS with caution and avoid clicking on links or entering login details via third-party websites. In today’s digital world, it’s always safer to visit a brand’s official website directly through your web browser rather than clicking on links in emails or SMS messages. Anyone who’s interacted with the brand recently should treat any unexpected communication with caution and avoid entering login details or payment information unless they’re certain it’s legitimate.”
Ambiguity About the True Extent
Javvad Malik, Lead Security Awareness Advocate at KnowBe4, adds that the fashion house’s disclosure, while prompt, employs carefully measured language regarding the scope of affected data. “This careful phrasing, ‘some of the data we hold’, leaves considerable ambiguity about the true extent of the compromise, which is problematic from a transparency standpoint.”
Malik says although the non-exposure of payment information and credentials provides some reassurance, the compromised personal data (names, contact details, purchase history) presents substantial risk. “This combination of information creates a perfect foundation for highly targeted social engineering attacks against a particularly affluent customer base.”
The international dimension of this breach, affecting customers across multiple jurisdictions including South Korea and China, also introduces complex regulatory compliance challenges, Malik adds. “The reports from Korean media suggesting potential notification failures are particularly concerning, as timely and comprehensive regulatory notification has been a well-established compliance requirement for years.”
Retailers in the Crosshairs
“Dior joins a long line of big-name retailers who’ve been hit in the past few weeks, signifying a concerted effort on the part of cybercriminals to target them,” comments Jamie Akhtar, CEO and Co-founder at CyberSmart. “The manner of attack and the kinds of data stolen bear remarkable similarities to other recent attacks on major retailers, confirming that, more than disruption, cybercriminals are after information.”
Akhtar says this type of data can be sold on the dark web quite lucratively for a quick buck or used to launch all manner of phishing and ransomware campaigns (or both for particularly enterprising hackers).
“What’s concerning is the regularity with which these kinds of attacks seem to be successfully launched against retailers, suggesting that the industry needs to take a serious look at its security measures. No financial data was stolen this time, however, the data that was stolen can still be used to target Dior customers. What’s more, the next retailer to be hit might not be so lucky,” Akhtar adds.
Truly Borderless Crime
“On a global scale, the retail industry has recently seen cyber-attacks that further attribute to millions of dollars of losses for major retailers as well as associated banks, manufacturers, and other supporting supply chain economies,” says Aditi Gupta, Senior Manager at Black Duck.
“The recent attack on Dior in China and M&S and Coop breaches in the UK has made cybercrime truly borderless and a major threat to the direct consumer world,” Gupta adds. “While the details unfold for the Dior attacks in China, it is prudent for consumers to be wary of any suspicious messages, calls or emails regarding recent purchases or discount codes.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.


