FutureFive New Zealand - Consumer technology news & reviews from the future
New Zealand
Guides
#
drones
#
gaming
#
reviews
#
smartphones
#
virtual reality
Search
Story image
#
Breach Prevention
#
Cybersecurity
#
Physical Security
Sephora hit by data breach; Asia & ANZ user passwords cancelled
Tue, 30th Jul 2019
FYI, this story is more than a year old
Author image
By Sara Barker, Copywriter and Senior News Editor
Follow us

Beauty store Sephora is urging online customers across parts of Asia, Australia and New Zealand to change their passwords, after the company uncovered a data breach that potentially leaked customers' personal information.

Sephora Southeast Asia says during the past two weeks, the company discovered a breach related to some customers in Singapore, Malaysia, Indonesia, Thailand, the Philippines, Hong Kong SAR, Australia and New Zealand.

The breach potentially exposed personal information such as names, dates of birth, genders, email addresses, and encrypted passwords, as well as users' beauty preferences.

The company is quick to point out that no credit card information was affected and so far, the breach data doesn't seem to have been misused.

“As a precaution, we have cancelled all existing passwords for customer accounts and have thoroughly reviewed our security systems. Please change to a new password, if you have not already done so,” the company states.

The company is also offering registrations to its personal data monitoring service offered by Experian. The service provides identity monitoring so users can be notified if data matching their information is found on the internet and dark web. The service also offers restoration assistance in the case of identity theft.

Customers can use the unique code sent to them via email to register for the service. you can register for the personal data monitoring service at http://www.globalidworks.com/identity1.

“This is an optional service, and you can choose which type of personal data you wish to monitor,” states Sephora.

Sephora is still investigating the cause of the breach with the help of ‘independent experts'.

“We understand how important your personal information is and value the trust you place in us to protect it,” the company states.

Sephora's physical stores have not been affected by the breach. The company recently opened its first physical store in Auckland.

Sephora customers took to Twitter to voice their concerns:

"myiaerr‏ @myiaerr
@Sephora seems to be taking the data breach lightly cos they believed after two weeks no less, PII “may” have been exposed. So does it mean you don't know? You're pretty sure no cc info was tempered with but your apology email is vague AF. #SephoraSEA #databreach."

"jess jackson‏ @lainemaree 
Anyone else just sigh when they open their email to discover another company has had a data breach? At least Sephora has given people a free membership to an internet surveillance provider."

Related stories
Watch out! There are hidden dangers lurking in your PDFs
Review: Avast Ultimate Business Security - comprehensive to say the least
One wrong click can devastate your small business: so what can you do?
Hands-on review: JBL LIVE 770 NC noise-cancelling headphones
Logitech's MX Brio webcam to redefine creative digital collaboration
Top stories
Samsung unveils 2024 TV range, with AI-driven picture technology
AI is here to stay - share market fads versus trends
Game review: Children of the Sun (PC)
TVNZ launches innovative sports streaming service with MediaKind & Qibb
Sony launches ULT Power Sound series with artist Peso Pluma