Sephora Offers Monitoring Services in Wake of Data Breach

The data breach compromised data belonging to customers in parts of Southeast Asia, Australia, and New Zealand.

Dark Reading Staff, Dark Reading

July 30, 2019

1 Min Read

Sephora is addressing a data breach affecting some customers who shopped online in Singapore, Malaysia, Indonesia, Thailand, Philippines, Hong Kong SAR, Australia, and New Zealand. The incident reportedly took place within the last two weeks, reports confirm.

The company has contacted those affected by the incident, which has reportedly exposed data including the first and last names, birthdate, gender, email address, encrypted password, and personal beauty preferences of customers to unauthorized third parties. Officials say no credit card numbers were compromised and they have not found victims' data has been misused. Investigators have not found a "major vulnerability" on Sephora's Southeast Asia websites.

As a precaution, Sephora has cancelled all current customer account passwords and reviewed its security system. It's also offering a personal data monitoring service free of charge to those affected, wrote Alia Gogi, Sephora's managing director for SEA, in an email to victims. Shoppers are urged to change their passwords, if they haven't yet, and register for the service by Nov. 31.

Read more details here.



Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.





About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights