Cybersecurity incident at fashion brand Dior exposes customer information
Learn More
The renowned French luxury fashion brand House of Dior reports a cybersecurity incident affecting its Fashion and Accessories customers. The incident was discovered on May 7, 2025 and has been confirmed to impact customers in both South Korea and China.
After detecting the unauthorized access, Dior implemented containment measures and engaged cybersecurity experts to investigate the full scope and impact of the breach. According to notifications shared with affected customers, the following personal information was potentially compromised:
- Full name
- Gender
- Phone number
- Email address
- Postal address
- Purchase history
- Customer preferences shared with the brand
The nature of the attack and the number of affected individuals is not disclosed.
The fashion house is currently working to notify all relevant regulatory authorities and affected customers in accordance with applicable laws. Korean media reports indicate that Dior faces legal scrutiny for allegedly failing to notify all the applicable authorities in South Korea about the data breach in a timely manner.
The company has issued a public apology to Chinese customers.
Update - as of 21st of July 2025, Dior is sending data breach notifications to U.S. customers informing them that the cybersecurity incident compromised their personal information. Per the investigation, the following information has been exposed:
- Full names
- Contact details
- Physical address
- Date of birth
- Passport or government ID number (in some cases)
- Social Security Number (in some cases)
Dior is offering 24-month credit monitoring and identity theft protection package free of charge. The number of affected individuals is not disclosed.
