On July 30, 2019, Paris–based beauty retailer Sephora notified its online customers about a data breach that impacted their personal information. The scope of the breach spanned Singapore, Malaysia, Indonesia, Thailand, Philippines, New Zealand, and Australia.
In a data breach that affected online Sephora customers in the Asia-Pacific over a span of two weeks in mid-July, full names, dates of birth, gender, email addresses, encrypted passwords, and beauty preferences were accessed. Fortunately, no credit card information was stolen. The affected database stored information of clients who shopped online in South-East Asia and neighboring countries; customers who shopped from the brick-and-mortar locations were not impacted.
Apart from informing its clients, Sephora notified the Personal Data Protection Commission (PDPC). It has also taken steps to review its security systems with the help of a leading cybersecurity provider and has reset all existing customer passwords. Sephora is also offering free personal data monitoring service to its affected customers.
Don't want to make the news for the wrong reasons? Download ManageEngine Log360, the tool that can help combat internal and external security attacks.
Log360, ManageEngine's comprehensive log management and Active Directory auditing tool, helps you:
Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.
You will receive weekly cybersecurity news soon!
© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.