Dior confirms customer data breach in China, urges vigilance

Christian Dior, the renowned French luxury brand owned by LVMH, confirmed a customer data breach in China following unauthorized access to a segment of its database. The company notified affected customers via text message on Monday evening, revealing that the breach was identified on May 7 and involved the compromise of personal data.

According to the notification, the exposed information includes customers’ names, gender, phone numbers, email addresses, mailing addresses, purchase amounts, and shopping preferences. Dior assured customers that the breached data did not contain financial details such as bank account numbers, IBANs, or credit card information.

While the exact number of affected individuals has not been disclosed, Dior’s customer service indicated that messages were sent exclusively to those whose data was compromised. The company urged recipients to remain cautious and to avoid interacting with suspicious messages, emails, or calls. Customers were also advised not to share sensitive information such as passwords or verification codes.

A Dior spokesperson confirmed the incident in a statement to Chinese media on Tuesday. “We recently identified a security breach that resulted in unauthorized access to certain data we hold, including customer information,” the representative said. “Upon discovering the issue, we immediately took steps to contain it.” The spokesperson noted that the matter remains under investigation and that updates will be provided to concerned customers as the inquiry progresses.

The breach comes at a time when Dior has been expanding its digital presence in China, particularly through online marketing and customer engagement platforms like WeChat mini-programs. These platforms typically require users to provide basic personal information during registration, which is used to tailor services and build detailed consumer profiles. While such data-driven strategies are central to Dior’s approach in China, the incident highlights the potential risks associated with managing large volumes of customer information.

Following the announcement, users on Chinese social media platform Xiaohongshu voiced concerns about the brand’s data protection practices. One user, posting under the handle @Xiaoyi’s Bright Life, criticized Dior’s handling of personal information and called for stronger data safeguards. Several others reported receiving a surge in unsolicited messages and phone calls, although no direct link to the breach has been officially confirmed.