Dior latest retailer to be targeted by cyber attack
French luxury house Dior has confirmed a cyber attack resulting in a data breach that compromised personal customer information, primarily in China, as cyber security threats continue to plague the retail sector.
The company said the breach was discovered on 7 May and involved ‘unauthorised access’ to a customer database.
While no financial or banking details were exposed, the database contained personally identifiable information such as names, gender, email and postal addresses, phone numbers or purchase history.
In a statement, Dior said: “We immediately took steps to contain this incident. The teams at Dior, supported by leading cyber security experts, continue to investigate and respond to the incident. We are notifying all the relevant regulatory authorities”.
The company added that it is in the process of informing affected customers and deeply regrets “any concern or inconvenience” caused.
“The cyber attack on Dior has understandably raised eyebrows, particularly following a spate of similar incidents across the retail sector,” Matt Hull, Global Head of Threat Intelligence at NCC Group said.
“For consumers who regularly shop online and trust brands with their data, this is yet another reminder that cyber threats are a persistent part of our digital reality.”
Sensitive time for Dior owner LVMH
The breach comes at a sensitive time for Dior’s parent firm, LVMH, which reported an 11 per cent drop in sales in China in the first quarter of this year.
Analysts have said the incident could erode customer trust in a market where brand reputation and privacy are paramount.
Cyber security experts have warned that even without financial data, the exposed information could be used in targeted phishing attacks or fraud schemes.
“Threat actors could use this data to craft convincing scams, especially given Dior’s status as a luxury brand”, said Muhammad Yahya Patel at Check Point Software.
Dior’s breach follows a string of high profile cyber incidents in the UK, including Marks and Spencer, Harrods, and Co-op.
M&S confirmed this week that its systems were still recovering from the ransomware attack, which disrupted online services and compromised customer data.
Dior said it remains committed to safeguarding customer information and is working closely with authorities and security specialists to mitigate any further impact.