Cyber Incident Victim: Rituals

On April 22, 2026, Rituals disclosed via an email to customers that it had identified an unauthorized download of members’ data from its membership database earlier that month. The compromised data included customers’ full names, dates of birth, gender, postal and email addresses, phone numbers, preferred Rituals store, and account type. The company explicitly stated that no passwords or payment information were accessed during the incident. Rituals said it immediately took measures to stop the unauthorized access and contained the situation.

Affected members are being notified directly, and the company advised recipients to stay alert for possible phishing messages. Rituals has launched an in‑depth forensic investigation to determine how the breach occurred and to identify preventive measures for the future, and it has reported the incident to the relevant authorities. A spokesperson declined to provide the exact number of affected individuals, citing security reasons, but noted that the membership database contains over 41 million records. The spokesperson also confirmed that the stolen data pertains to customers in Europe and the United Kingdom, with additional notifications sent to some users in the United States.

Rituals operates over 1,170 shops and 4,200 shop‑in‑shops across more than two dozen countries and reported €2.4 billion in revenue for 2025. The company said it is not aware of the stolen information being made publicly available and has not observed any known ransomware or extortion group claiming responsibility for the attack. This breach follows a series of similar intrusions at other European retailers in the past year, including incidents at UK grocery chains Co‑op and Marks & Spencer. Rituals declined to share further specifics about the attackers or a more precise timeline, citing security reasons.