French fashion brand Dior has made a public apology after verifying that some of its Chinese customers’ personal information was hacked in a recent cyber attack. The incident, in which no financial details were involved, was revealed through an in-house memo sent out to compromised clients this week.
In a message, Dior notified customers that an unauthorised third party had accessed one of its databases. The company stated it acted quickly to limit the breach and initiated an internal investigation, which determined that contact information, purchase history, and customer preferences had been leaked. Dior emphasised that no payment or banking data—such as credit card numbers or IBANs—was part of the leaked data.
While Dior guaranteed customers that their financial data is safe, the company cautioned that the stolen information may still be utilised in phishing or scams. Customers were advised to be vigilant for suspicious messages, not to click on unfamiliar links, and not to provide sensitive personal information to unverified parties.
The Dior breach is part of a wider wave of cyberattacks on prominent UK retailers. M&S is still dealing with a significant cyber attack that has caused its online business to malfunction, losing the retailer millions of pounds in lost sales. Likewise, the Co-op and Harrods department store have also been hit by cyber threats, although the latter seems to have had limited damage.
The Dior scandal falls at a challenging moment for parent group LVMH, which announced a 3 per cent year-over-year slump in first-quarter 2025 revenue to US $ 22.7 billion. Sales in China (excluding Japan) fell 11 per cent, and the market’s portion of LVMH’s overall revenue declined from 33 per cent in 2024 to 30 per cent.
As more and more luxury companies depend on user data to better target experiences and sales, the breach highlights increasingly risky behavior surrounding the storage of large volumes of consumer data.
