French luxury fashion house Dior has confirmed a significant data breach, revealing that an unauthorized external party accessed sensitive customer information earlier this month.
The incident, discovered on May 7, 2025, has affected Dior’s Fashion and Accessories customers across several regions, including China and South Korea, and has sparked concerns over privacy and brand trust within the global luxury sector.
According to official statements and customer notifications, the compromised data includes:
- Full names
- Gender
- Mobile phone numbers
- Email addresses
- Postal addresses
- Purchase information and history
- Shopping preferences
Dior has emphasized that no financial information, such as bank details, IBANs, or credit card numbers, was stored in the affected database.
Passwords and payment information were kept in separate, uncompromised systems, ensuring that customers’ direct financial loss risk remained minimal.
The breach appears to have had an international reach, with confirmed notifications sent to customers in China and South Korea.
Chinese media reports indicate that some of the brand’s wealthiest clients may have been affected. In South Korea, Dior faces criticism for delays in notifying customers and local authorities.
Some Korean customers reported receiving notifications nearly a week after the breach was discovered, raising questions about Dior’s incident response protocols.
DIOR Cyber Attack
Dior responded by immediately containing the breach and enlisting cybersecurity experts to investigate and mitigate the incident. The company has notified relevant regulatory bodies and is working to comply with all applicable laws.
In communications with customers, Dior apologized for the incident and stressed that the confidentiality and security of customer data remain top priorities.
“No passwords or payment information, including bank account or payment card information, were in the database affected in the incident… The confidentiality and security of our customers’ data is an absolute priority for the House of Dior. We sincerely regret any concern or inconvenience this matter may cause our customers.”
While no financial data was exposed, the personal information accessed could increase the risk of targeted phishing scams and identity fraud.
Dior has urged customers to remain vigilant for suspicious communications, avoid clicking on unknown links, and not disclose sensitive information such as verification codes or passwords.
This incident comes amid a wave of cyberattacks targeting major retailers and luxury brands worldwide. Industry experts warn that as companies collect more customer data to personalize services, the stakes and risks of data breaches continue to rise.
Dior’s data breach underscores the persistent threat posed by cybercriminals, even to the world’s most prestigious brands.
While financial data remains secure, the exposure of personal information serves as a stark reminder for both companies and consumers to prioritize cybersecurity and remain alert to potential scams in the aftermath of such incidents.
Vulnerability Attack Simulation on How Hackers Rapidly Probe Websites for Entry Points – Free Webinar
.webp?w=100&resize=100,70&ssl=1 "Top 10 Best Fraud Prevention Companies in 2025")
