Luxury fashion brand Dior is the latest victim in a flurry of cyber attacks on retailers in recent weeks, joining Harrods and M&S.
The company has contacted an unknown number of customers in China and South Korea, telling them that on May 7 it had discovered an unauthorized third party had accessed systems and stolen some customer data.
“We immediately took steps to contain this malicious incident,” the letter reads. “The teams at Dior, supported by leading cybersecurity experts, continue to investigate and respond to the incident. We have notified the relevant regulatory authority.”
The retailer has told customers to look out for suspicious activity or messages, and not to click on links from unknown sources.
Based on the findings of the investigation so far, Dior said the stolen data includes name, gender, mobile phone number, email address, postal address, and purchase and preferences data, along with other data specific to individual customers.
However, in a statement given to ITPro, the retailer said exposed information does not include bank details, IBAN or credit card details, or other financial information.
James Hadley, founder and chief innovation officer at Immersive, commended the retailer’s swift action in response to the incident.
“Clear and actionable communications are essential after a breach and customers will want clear assurances about the impact to their personal data and the next steps they can take to protect themselves from the potential fallout.”
However, Dior has come under fire for being slow to tell customers about the incident, and for failing to report it to the right authorities.
According to Korea JoongAng Daily, while the company notified the Personal Information Protection Commission (PIPC), it failed to report the incident to the Korea Internet & Security Agency (KISA), as the law requires.
This could cost the firm 30 million won ($21,180) in fines.
So far, no threat group has claimed responsibility for the attack. However, Hadley warned that stolen information “may be useful materials” for social engineering attacks further down the line.
Dior is the latest in a string of attacks
Retailers globally have faced a slew of threats in recent weeks as cyber criminal groups target the sector.
Three UK retailers, M&S, the Co-op, and Harrods, have all experienced cybersecurity incidents.
These attacks have been attributed to the Scattered Spider ransomware group, responsible for numerous previous attacks, including one on casino operators MGM Resorts International and Caesars Entertainment in 2023.
This week, Google warned that this loosely associated, English-speaking group was starting to turn its attention to US retailers too.
“These actors are aggressive, creative, and particularly effective at circumventing mature security programs,” said John Hultquist, an analyst at Google’s cybersecurity arm.
He added that the group has a history of focusing on a single sector at a time and is likely to target retail for a while yet.