French luxury fashion brand Dior has confirmed a major data breach after unauthorized access to customer information was detected earlier this month. The company identified the incident on May 7, 2025.
The breach affected customers of Dior’s Fashion and Accessories division, with confirmed impact in regions including China and South Korea. The incident has raised concerns over data privacy and customer trust across the global luxury industry.
What Information Was Exposed?
According to Dior’s official communication, the following customer details were compromised:
- Full names
- Gender
- Mobile phone numbers
- Email addresses
- Postal addresses
- Purchase history and preferences
Dior assured customers that no financial data—such as credit card numbers, IBANs, or bank account details—was part of the affected database. Passwords and payment information were stored separately and were not impacted.
International Impact and Response
The breach appears to have a global reach, with Chinese media reporting that even high-profile clients may have been affected. In South Korea, Dior faced criticism for delays in notifying customers and government authorities. Some customers reportedly received alerts nearly a week after the breach was discovered.
Dior stated that it immediately acted to contain the threat and brought in cybersecurity experts to investigate and secure the affected systems. The company has notified regulatory bodies and is working to meet legal requirements in all impacted regions.
Dior Issues Apology and Guidance
In messages to affected users, Dior apologized for the incident and reaffirmed its commitment to data protection:
“No passwords or payment information, including bank account or payment card information, were in the database affected in the incident… The confidentiality and security of our customers’ data is an absolute priority for the House of Dior. We sincerely regret any concern or inconvenience this matter may cause our customers.”
Although no financial data was leaked, experts warn that exposed personal information could be used in phishing attacks or identity theft. Dior has advised customers to stay alert, avoid suspicious links, and not share sensitive data such as passwords or verification codes.
Industry-Wide Security Concerns
This breach comes amid a growing number of cyberattacks targeting global retailers and luxury brands. Experts warn that as businesses collect more personal data to improve customer experiences, they also face greater risks from cybercriminals.
Dior’s incident is a reminder that even the most prestigious brands are vulnerable. The exposure of personal data underscores the need for strong cybersecurity measures and public awareness in an increasingly digital marketplace.
