Sephora – a beauty retailer with 12 local outlets – announced on Monday (29 Jul) that a major breach of user’s data occurred some time in the past 2 weeks.
The breach spans customers across the Asia-Pacific region — including these countries:
According to the email blasted out to subscribers of the platform, some “personal information” was exposed to “unauthorised third parties”.
In essence, this information was part of the leak:
The only silver lining for affected users is that no “credit card information” has apparently been accessed. Sephora also claims that they don’t believe “any personal data has been misused”.
Besides apologising to their users, Sephora will be resetting all passwords for their accounts.
If you’re an affected user, you can also consider signing up for their “free personal data monitoring service” by 30 Nov at a link to be provided at a later date.
Do note that you’re also highly encouraged to change any email account passwords, or shared data ASAP — to prevent any spillover effects from this incident.
Featured image adapted from Sephora on Facebook.