Cyber Incident Victim: Christian Dior
Date: May 2025
Location: France
Summary
Dior disclosed a cyberattack that exposed customer data including full names, gender, phone numbers, email addresses, postal addresses, and purchase history, while confirming that passwords and payment card information were not compromised. The breach was identified on the company’s Korean website and affected customers in South Korea and China, prompting notifications to regulators and affected individuals, and leading to legal scrutiny in Korea over alleged failures to report the incident to authorities.
Description
On May 7, 2025, Dior discovered that an unauthorized external party accessed some data held for Dior Fashion and Accessories customers. The company immediately took steps to contain the incident and began an investigation with leading cybersecurity experts. The breach date was noted in a notice posted on Dior’s Korean shop, which also indicated that the incident involved unauthorized personnel access. The notice disclosed that the exposed information included full name, gender, phone number, email address, postal address, and purchase history. Dior clarified that passwords and payment card information were not exposed because they were stored in a separate, unaffected database.

Although Dior did not publicly disclose the total number of customers affected or the specific countries involved, notifications confirmed that the South Korean website was impacted and there were reports of Chinese customers receiving data breach notifications. The exposed data consisted of contact information, purchase history, and preferences that customers had shared with the brand. Korean media reported that Dior faced legal scrutiny for allegedly failing to notify all applicable authorities in South Korea about the breach. The company stated that it was working to notify relevant regulators and affected customers in accordance with applicable law.

Dior emphasized that the confidentiality and security of customer data is an absolute priority and expressed regret for any concern or inconvenience caused. At the time of the public disclosure, details about the number of customers and the full list of affected countries had not been released. The investigation continued to determine the full scope of the incident, with Dior supported by external cybersecurity experts. No further specifics about attacker identity, methods, or additional compromised systems were provided in the available source material.
