The Sephora security breach includes the user’s first and last name, date of birth, gender, email address, encrypted password, as well as data related to beauty preferences. Handout.

Personal details of Sephora’s online customers in Singapore, Malaysia, Indonesia, Thailand, the Philippines, Hong Kong, Australia and New Zealand have been leaked, the international beauty retailer said on Monday, Channel News Asia (CNA) reported.

Sephora said in a notice to customers that the data breach, which involved “some customers,” had resulted in the exposure of personal information to unauthorized third parties.

Sephora did not elaborate on the number of users affected, the CNA report said.

The personal information compromised includes the user’s first and last name, date of birth, gender, email address, encrypted password, as well as data related to beauty preferences.

“Please be reassured that no credit card information was accessed, and we have no reason to believe that any personal data has been misused,” it added.

Managing director for Sephora Southeast Asia, Alia Gogi said in an email to customers that all existing passwords for customer accounts have been cancelled as a precaution.

“We are also offering a personal data monitoring service, at no cost to you, through a leading third-party provider,” she added.

The French beauty giant also said that it has “thoroughly reviewed” its security systems.

Sephora’s online users are advised to change their password if they have not already done so. They should also register for the personal data monitoring service online by Nov 30.

None of the physical stores were affected, said the cosmetic retailer on its frequently asked questions page.

“The security incident was limited to a database serving our Southeast Asia, Hong Kong SAR and Australia/New Zealand customers who used our online services,” Sephora stated, adding that it was safe for customers to continue using its website and mobile app.

The company also said it detected the data breach “over the last two weeks” and immediately appointed independent experts to investigate. Affected customers were notified as soon as the details of the incident had been verified.

A spokesperson from Brunswick Group, a strategy advisory firm working with Sephora Southeast Asia, told CNA that the company’s regional databases operate independently.

Founded in France, Sephora has close to 2,000 stores in about 30 markets selling cosmetics, skincare, fragrance, beauty tools, personal and hair care products.

Its website stated that it has an expanding base of more than 200 stores across the Asia-Pacific region including Australia, China, India, Indonesia, Malaysia, Singapore and Thailand.

Sources: Channel News Asia, Today Online

Asia Times Financial is now live. Linking accurate news, insightful analysis and local knowledge with the ATF China Bond 50 Index, the world's first benchmark cross sector Chinese Bond Indices. Read ATF now. 

Leave a comment

Your email address will not be published. Required fields are marked *