A couple of months ago, I posted a story on fashion house Dior getting pwned in a cyberattack. Today Dior is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information:
Based on the findings of the investigation, the following information has been exposed:
- Full names
- Contact details
- Physical address
- Date of birth
- Passport or government ID number (in some cases)
- Social Security Number (in some cases)
The company clarifies that no payment details, such as bank account or payment card information, were contained in the compromised database, so this information remains safe.
Law enforcement was notified accordingly, while third-party cybersecurity experts were engaged to help contain the incident.
Erich Kron, Security Awareness Advocate at KnowBe4:
“While we often focus on credit card details in situations like this, the elephant in the room is the fact that so much personal information about the clients was lost. It would be no shock to find out that many of these customers are those of high net worth, and probably value their privacy. This breach exposes phone numbers, addresses, possibly passport and tax ID information, as well as other things that the customers of the luxury brand would probably not like made public. In other words, this could be a bit of a mess for Dior. Cybercriminals can use the information that was leaked to target individuals in future attempts of thievery and deception.”
“Those impacted by this breach should be especially careful moving forward and may want to consider locking their credit or taking other similar steps to fight against potential identity theft. For organizations that handle sensitive information such as this, it’s absolutely critical that their employees are trained to spot and report attempted social engineering attacks and that data privacy controls are in place within the organization to secure this information. This means a robust Human Risk Management (HRM) program that is bolstered by other technical controls as well.”
Chris Hauk, Consumer Privacy Champion at Pixel Privacy:
“U.S. customers of House of Dior should immediately take advantage of the free 24-month credit monitoring and identity theft protection package offered by the company. They also need to stay alert for any phishing emails, texts, or phone scams using the purloined information in an attempt to get more info.”
“Meanwhile, customers of Louis Vuitton should be proactive in protecting their accounts and personal information, even though the company has not yet officially announced that they were affected by a similar data breach.”
About that Louis Vuitton thing… It appears that they got pwned as well. I’ll be looking into that and posting about that when I get more details.
Like this:
Like Loading...
Related
This entry was posted on July 21, 2025 at 3:07 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Dior Starts To Send Data Breach Notifications To US Customers
A couple of months ago, I posted a story on fashion house Dior getting pwned in a cyberattack. Today Dior is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information:
Based on the findings of the investigation, the following information has been exposed:
The company clarifies that no payment details, such as bank account or payment card information, were contained in the compromised database, so this information remains safe.
Law enforcement was notified accordingly, while third-party cybersecurity experts were engaged to help contain the incident.
Erich Kron, Security Awareness Advocate at KnowBe4:
“While we often focus on credit card details in situations like this, the elephant in the room is the fact that so much personal information about the clients was lost. It would be no shock to find out that many of these customers are those of high net worth, and probably value their privacy. This breach exposes phone numbers, addresses, possibly passport and tax ID information, as well as other things that the customers of the luxury brand would probably not like made public. In other words, this could be a bit of a mess for Dior. Cybercriminals can use the information that was leaked to target individuals in future attempts of thievery and deception.”
“Those impacted by this breach should be especially careful moving forward and may want to consider locking their credit or taking other similar steps to fight against potential identity theft. For organizations that handle sensitive information such as this, it’s absolutely critical that their employees are trained to spot and report attempted social engineering attacks and that data privacy controls are in place within the organization to secure this information. This means a robust Human Risk Management (HRM) program that is bolstered by other technical controls as well.”
Chris Hauk, Consumer Privacy Champion at Pixel Privacy:
“U.S. customers of House of Dior should immediately take advantage of the free 24-month credit monitoring and identity theft protection package offered by the company. They also need to stay alert for any phishing emails, texts, or phone scams using the purloined information in an attempt to get more info.”
“Meanwhile, customers of Louis Vuitton should be proactive in protecting their accounts and personal information, even though the company has not yet officially announced that they were affected by a similar data breach.”
About that Louis Vuitton thing… It appears that they got pwned as well. I’ll be looking into that and posting about that when I get more details.
Share this:
Like this:
Related
This entry was posted on July 21, 2025 at 3:07 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.