Luxury fashion house Dior has confirmed a serious data breach following a cyberattack that occurred on May 7, 2025. Cybercriminals reportedly gained unauthorized access to a customer database containing personal information such as full names, email addresses, phone numbers, residential addresses, purchase history, and shopping preferences.
Publicly available information indicates that the data leak primarily affected customers in Asia, particularly in South Korea and China. In South Korea, Dior issued an official statement on its website, while in China, affected customers were notified via SMS. The company is currently working with cybersecurity experts and relevant regulatory authorities to investigate the incident.
This breach is part of a broader wave of cyberattacks targeting the retail sector. Other major brands, including Marks & Spencer in the UK and SMYK in Poland, have also experienced data breaches in recent weeks. According to cybersecurity firm Check Point, organizations worldwide faced an average of nearly 1,900 attempted cyberattacks per week per company at the end of April.
“In the wake of Dior’s data breach, customers should be especially cautious of phishing attempts. These may appear as messages from Dior requesting password resets, updates to contact information, or false purchase confirmations. These are common tactics used by cybercriminals to trick victims into clicking malicious links,” warned Muhammad Yahyi Patel, a representative from Check Point Software Technologies.
Dior emphasized that the safety and confidentiality of customer data remain a top priority. The brand apologized for any inconvenience caused by the incident and pledged to mitigate its consequences.
“Anyone who has recently interacted with a brand affected by a cyberattack should treat unexpected emails or SMS messages with caution. Avoid clicking on links or entering login details via third-party websites. In today’s digital landscape, it’s always safer to access a brand’s official website directly through your browser, rather than through links in messages,” added Patel from Check Point, a global cybersecurity firm.
Source: CEO.com.pl – Cyberattack on Dior: Brand Confirms Theft of Customer Data
