Customers of online beauty retail giant Sephora will have to change their passwords after a data breach was reported in its online stores in the Asia Pacific. (Image via CNN Philippines)

If You Are Online Customers on Sephora, Your Personal Data May Have Been Breached

Sephora said on Monday (7/29) that it has detected data breach on its online customers' personal data for the last two weeks.

In an email, the international beauty retailer notified its online users in Asia and Pacific, including Indonesia, Malaysia, Singapore, Thailand, the Philippines, Hong Kong, Australia, and New Zealand about the expose of their personal data to unauthorized third parties.

The data leaked includes customers' name, birth date, gender, email addresses, and encrypted password, as well as data related to beauty preferences. Although, the managing director of Sephora in Southeast Asia Alia Gogi said no credit card information was accessed, however, the company had no reason to believe that any personal data has been misused.

Sephora did not reveal the number of online users affected but has canceled all existing passwords for customer accounts as a precaution and encouraged them to change their passwords.

The French beauty giant has also reviewed its security system thoroughly.

Customers who wish to get their personal data monitored can sign up at the link provided by Sephora using a unique code by November 30. The company is offering this service to the customers for free, through a third-party provider.

The incident did not affect any physical stores of Sephora. No major vulnerability and trace of cyber attack found on Sephora’s website either.

For customers who are not from the involved markets, the company ensured that their personal data were not affected in any way by this incident.

Source: https://www.channelnewsasia.com/news/asia/sephora-data-breach-singapore-malaysia-indonesia-thailand-nz-11763006