Sephora Breach: Expert Commentary

By ISBuzz Team, Writer, Information Security Buzz | Jul 30, 2019 02:51 am PST

International beauty retailer Sephora has emailed customers in the Southeast Asia region to inform them it has discovered a breach that occurred within the last fortnight.

Sephora said some personal information may have been exposed to unauthorised third parties, including first and last name, date of birth, gender, email address, and encrypted password, as well as data related to beauty preferences, but the company confirmed that no credit card information was accessed.

George Wrenn, Founder and CEO
July 30, 2019 11:02 am

It is a great challenge for many organizations to standardize their cybersecurity operations globally. Varying regulations for both security and privacy come into play, especially when dealing with an enterprise that operates around the globe. It is in cases like these where an integrated approach to cybersecurity becomes all the more important – with organizations that can do business in all corners of the globe. Spreadsheets do not get the job done. This breakdown is why we see many large organizations flock to an integrated risk management (IRM) approach. IRM is allowing organizations to aggregate risk and compliance data from all business units and make smarter and more informed decisions. With the patchwork of regulations that are emerging around the world, cybersecurity leaders must be prepared to integrate their organizations to stay wholly aware of the posture of their organization.

Kevin Gosschalk
July 30, 2019 10:57 am

We are living in a post-breach world where fraudsters have easy access to customer data, and each subsequent breach only adds to the available information on the dark web, creating a paradigm of fraudulent activity. These types of incidents provide cybercriminals with the incentive and tools they need in order to commit ongoing, lucrative, and easy fraud. In this case, the information hackers had access to, including encrypted passwords and email addresses, can now be weaponized in future account takeover (ATO) attacks. While Sephora has cancelled all existing passwords as an immediate first step, customers are inherently still at risk. The lasting impact is unknown and unfortunately, a staggering 59% of consumers admit to reusing the same password across multiple sites, even knowing the risks associated. This could give cybercriminals access to various accounts for the same individual across multiple services, rendering their entire digital footprint incredibly vulnerable as a result.

There is an ongoing onus on Sephora to safeguard its customers against future cybercrime associated with their password vulnerabilities. Our reality is that cybercrime is a well-funded and connected business where fraudsters have access to sophisticated tools and resources to launch attacks. This breach is yet another incident that provides them with the exact ammunition they need. The longer term solution will come from eliminating the economic incentives behind these attacks through the use of integrated strategies that detect fraud in real-time and block attacks from being successful.

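The account-takeover risk described in the comment above is, in practice, credential stuffing: leaked email/password pairs are replayed against other sites' login endpoints, and reused passwords turn a single breach into many compromised accounts. The script below is an added example written for this page; it is not code from the article, from Sephora, or from either commenter. It assumes a JSON-lines authentication log with the fields `ts`, `ip`, `email` and `result`, and a list of addresses known from an earlier breach dump; the field names, IP addresses, email addresses and the breach list are all constructed for illustration, and the thresholds are illustrative rather than tuned.

```python
"""
Credential-stuffing triage against a login log.

Added example, not code from the article or from either commenter.
Assumes a JSON-lines auth log with fields ts, ip, email and result
("success" / "fail"); field names, addresses and the breach list are
constructed for illustration.
"""
import json
from collections import defaultdict

# Constructed sample log: 203.0.113.7 cycles through six different accounts
# and fails on five of them (the stuffing signature); 198.51.100.2 is an
# ordinary user who mistypes once and then logs in.
SAMPLE_LOG = """\
{"ts": "2019-07-29T10:00:01Z", "ip": "203.0.113.7", "email": "a@example.com", "result": "fail"}
{"ts": "2019-07-29T10:00:02Z", "ip": "203.0.113.7", "email": "b@example.com", "result": "fail"}
{"ts": "2019-07-29T10:00:03Z", "ip": "203.0.113.7", "email": "c@example.com", "result": "fail"}
{"ts": "2019-07-29T10:00:04Z", "ip": "203.0.113.7", "email": "d@example.com", "result": "fail"}
{"ts": "2019-07-29T10:00:05Z", "ip": "203.0.113.7", "email": "e@example.com", "result": "fail"}
{"ts": "2019-07-29T10:00:06Z", "ip": "203.0.113.7", "email": "f@example.com", "result": "success"}
{"ts": "2019-07-29T10:05:00Z", "ip": "198.51.100.2", "email": "g@example.com", "result": "fail"}
{"ts": "2019-07-29T10:05:09Z", "ip": "198.51.100.2", "email": "g@example.com", "result": "success"}
"""

# Constructed: addresses known to appear in an earlier third-party breach dump.
LEAKED_EMAILS = {"a@example.com", "b@example.com", "c@example.com",
                 "f@example.com", "h@example.com"}


def parse_log(text):
    """Parse JSON lines into event dicts, skipping blank or malformed lines."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(ev, dict) and all(k in ev for k in ("ip", "email", "result")):
            events.append(ev)
    return events


def ip_stats(events, leaked_emails):
    """Per-source-IP counters: attempts, distinct accounts, failures, failure
    rate, and how many of the targeted accounts appear in the breach list."""
    raw = defaultdict(lambda: {"attempts": 0, "accounts": set(), "failures": 0})
    for ev in events:
        s = raw[ev["ip"]]
        s["attempts"] += 1
        s["accounts"].add(ev["email"].lower())
        if ev["result"] != "success":
            s["failures"] += 1
    stats = {}
    for ip, s in raw.items():
        stats[ip] = {
            "attempts": s["attempts"],
            "distinct_accounts": len(s["accounts"]),
            "failures": s["failures"],
            "fail_rate": s["failures"] / s["attempts"],
            "leaked_hits": len(s["accounts"] & leaked_emails),
        }
    return stats


def flag_stuffing(stats, min_accounts=5, min_fail_rate=0.8):
    """Flag an IP that touches many distinct accounts with almost all attempts
    failing: one password tried per account, not one account hammered.
    Thresholds are illustrative assumptions, not tuned values."""
    return {ip for ip, s in stats.items()
            if s["distinct_accounts"] >= min_accounts
            and s["fail_rate"] >= min_fail_rate}


def compromised_accounts(events, flagged_ips):
    """Accounts a flagged IP actually got into: the ones to force-reset first."""
    return {ev["email"].lower() for ev in events
            if ev["ip"] in flagged_ips and ev["result"] == "success"}


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    st = ip_stats(evs, LEAKED_EMAILS)
    bad = flag_stuffing(st)
    print("flagged sources:", sorted(bad))
    print("accounts to force-reset:", sorted(compromised_accounts(evs, bad)))
    for ip in sorted(bad):
        print(ip, st[ip])
```

The distinguishing signal is the shape of the traffic, not the volume: a stuffing run tries one credential per account across many accounts, so the per-IP distinct-account count is high while the success rate is low, whereas a forgotten-password user fails repeatedly against one account. Cross-referencing the targeted accounts with a known breach list (`leaked_hits`) raises confidence that a specific dump is being replayed, and the successes from a flagged source are the accounts to reset immediately. Note that "encrypted password" in a breach notice usually means a password hash, which can be cracked offline; a password reused elsewhere is therefore exposed on every site where it was reused, which is exactly why a password reset on the breached site alone does not close the risk.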
