Sephora’s customers who have online accounts with the cosmetics and beauty products retailer were alerted yesterday to a data breach discovered by the company in the last fortnight. In an email sent out to its customers in the Asia-Pacific region, including Singapore, Sephora said that personal information of “some customers” has been exposed to unauthorised third parties. Leaked information included the users’ first and last name, date of birth, gender, email address, encrypted password as well as data related to “beauty preferences”. The security incident affected online account holders in Australia, Hong Kong, Indonesia, Malaysia, New Zealand, the Philippines, Singapore and Thailand. All online users are advised to change their passwords if they have not already done so. Sephora stated that it “immediately appointed independent experts” to help investigate the breach, and notified affected customers as soon as it was able to verify the details of the incident. It is still investigating the extent of the data leak.

Posted by

Malay Mail