Sephora online members’ data possibly exposed to unauthorized third parties

sephora philippines

Personal information of online members of Sephora in the Philippines, Singapore, Malaysia, Indonesia, Thailand, Hong Kong, Australia, and New Zealand have been leaked. This came directly from an email sent by the international beauty retailer on Monday, July 29.

In the email, Sephora said that the data breach, which involved “some customers”, had resulted in the exposure of personal information to unauthorized third parties.

No further information was given by the brand regarding the cause of the data breach.

The data breach resulted to the possible leak of customer information such as the user’s first and last name, date of birth, gender, email address, encrypted password, and data related to beauty preferences.

“Please be reassured that no credit card information was accessed, and we have no reason to believe that any personal data has been misused,” Sephora emphasized.

Here’s a copy of the email notice from Sephora.

sephora data breach southeast asia

As a precaution, all existing passwords for customer accounts have been canceled, according to Alia Gogi, Managing director for Sephora Southeast Asia (SEA).

Two measures were recommended to the customers regarding the data breach. If you are a Sephora online users, you should change your password immediately. You should also register for the personal data monitoring service online by November 30.

Anything to add to this story? Share your thoughts with us.